CVE-2023-50291 Information

Description

Insufficiently Protected Credentials vulnerability in Apache Solr.

This issue affects Apache Solr: from 6.0.0 through 8.11.2 from 9.0.0 before 9.3.0. One of the two endpoints that publishes the Solr process’ Java system properties /admin/info/properties was only setup to hide system properties that had \password\ contained in the name. There are a number of sensitive system properties such as asicauth\ and ws.secretKey\ do not contain \password\ thus their values were published via the /admin/info/properties\ endpoint. This endpoint populates the list of System Properties on the home screen of the Solr Admin page making the exposed credentials visible in the UI.

This /admin/info/properties endpoint is protected under the ## Reference https://solr.apache.org/security.html#cve-2023-50291-apache-solr-can-leak-certain-passwords-due-to-system-property-redaction-logic-inconsistencies http://www.openwall.com/lists/oss-security/2024/02/09/4