CVE-2017-3164 Information
Description
Server Side Request Forgery in Apache Solr versions 1.3 through 7.6 (inclusive). Since the shards parameter does not have a corresponding whitelist mechanism, a remote attacker with access to the server could make Solr perform an HTTP GET request to any reachable URL.
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Reference
http://mail-archives.apache.org/mod_mbox/www-announce/201902.mbox/%3CCAECwjAVjBN3DwO5rYs6ktAX-53D-f5JDFwbbTSM2TTjEbGO5jKKA%40mail.gmail.com%3E
http://www.securityfocus.com/bid/107026
https://lists.apache.org/thread.html/43026507844ada1ac658ccf7bc939378c13e492fd6538416ce65df39@%3Cdev.lucene.apache.org%3E
https://lists.apache.org/thread.html/75dc651478f9d04505b46d44fe3ac739e7aaf3d7bf1257973685f8f7@%3Cdev.lucene.apache.org%3E
https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E
https://lists.apache.org/thread.html/ca3105b6934ccd28e843dffe39724f6963ff49825e9b709837203649@%3Cdev.lucene.apache.org%3E
https://lists.apache.org/thread.html/e0f9c652b57a91fdcc287efcead620af9f4d8e46b88f0b761aa265de@%3Cdev.lucene.apache.org%3E
https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E
https://security.netapp.com/advisory/ntap-20190327-0003/
https://www.oracle.com/security-alerts/cpuoct2020.html
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction Required
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
Base Score
7.5
Base Severity
HIGH