Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdweDMtNmY2Zy1oeGNq
XML external entity expansion in org.apache.solr:solr-core
This vulnerability in Apache Solr 6.0.0 to 6.6.4 and 7.0.0 to 7.3.1 relates to XML external entity expansion (XXE) in Solr config files (currency.xml, enumsConfig.xml referenced from schema.xml, and the TIKA parsecontext config file). In addition, the XInclude functionality provided in these config files is affected in a similar way. The vulnerability can be used as an XXE over the file, ftp and http protocols to read arbitrary local files from the Solr server or from the internal network. Manipulated config files can be uploaded as configsets through Solr's API, which allows the vulnerability to be exploited.
Permalink: https://github.com/advisories/GHSA-7px3-6f6g-hxcj
JSON: https://advisories.ecosyste.ms/api/v1/advisories/MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdweDMtNmY2Zy1oeGNq
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: about 6 years ago
Updated: 10 months ago
CVSS Score: 5.5
CVSS vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS Percentage: 0.00836
EPSS Percentile: 0.8183
Identifiers: GHSA-7px3-6f6g-hxcj, CVE-2018-8026
References:
- https://nvd.nist.gov/vuln/detail/CVE-2018-8026
- https://github.com/advisories/GHSA-7px3-6f6g-hxcj
- https://issues.apache.org/jira/browse/SOLR-12450
- https://mail-archives.apache.org/mod_mbox/lucene-solr-user/201807.mbox/%3C0cdc01d413b7%24f97ba580%24ec72f080%24%40apache.org%3E
- https://github.com/apache/lucene-solr/commit/1880d4824e6c5f98170b9a00aad1d437ee2aa12
- https://github.com/apache/lucene-solr/commit/3aa6086ed99fa7158d423dc7c33dae6da466b09
- https://github.com/apache/lucene-solr/commit/d1baf6ba593561f39e2da0a71a8440797005b55
- https://github.com/apache/lucene-solr/commit/e5407c5a9710247e5f728aae36224a245a51f0b
- https://security.netapp.com/advisory/ntap-20190307-0002
Blast Radius: 20.3
Affected Packages
maven:org.apache.solr:solr-core
Dependent packages: 377
Dependent repositories: 4,902
Downloads:
Affected Version Ranges: >= 7.0.0, < 7.4.0, >= 6.0.0, < 6.6.5
Fixed in: 7.4.0, 6.6.5
All affected versions: 6.0.0, 6.0.1, 6.1.0, 6.2.0, 6.2.1, 6.3.0, 6.4.0, 6.4.1, 6.4.2, 6.5.0, 6.5.1, 6.6.0, 6.6.1, 6.6.2, 6.6.3, 6.6.4, 7.0.0, 7.0.1, 7.1.0, 7.2.0, 7.2.1, 7.3.0, 7.3.1
All unaffected versions: 1.3.0, 1.4.0, 1.4.1, 3.1.0, 3.2.0, 3.3.0, 3.4.0, 3.5.0, 3.6.0, 3.6.1, 3.6.2, 4.0.0, 4.1.0, 4.2.0, 4.2.1, 4.3.0, 4.3.1, 4.4.0, 4.5.0, 4.5.1, 4.6.0, 4.6.1, 4.7.0, 4.7.1, 4.7.2, 4.8.0, 4.8.1, 4.9.0, 4.9.1, 4.10.0, 4.10.1, 4.10.2, 4.10.3, 4.10.4, 5.0.0, 5.1.0, 5.2.0, 5.2.1, 5.3.0, 5.3.1, 5.3.2, 5.4.0, 5.4.1, 5.5.0, 5.5.1, 5.5.2, 5.5.3, 5.5.4, 5.5.5, 6.6.5, 6.6.6, 7.4.0, 7.5.0, 7.6.0, 7.7.0, 7.7.1, 7.7.2, 7.7.3, 8.0.0, 8.1.0, 8.1.1, 8.2.0, 8.3.0, 8.3.1, 8.4.0, 8.4.1, 8.5.0, 8.5.1, 8.5.2, 8.6.0, 8.6.1, 8.6.2, 8.6.3, 8.7.0, 8.8.0, 8.8.1, 8.8.2, 8.9.0, 8.10.0, 8.10.1, 8.11.0, 8.11.1, 8.11.2, 8.11.3, 8.11.4, 9.0.0, 9.1.0, 9.1.1, 9.2.0, 9.2.1, 9.3.0, 9.4.0, 9.4.1, 9.5.0, 9.6.0, 9.6.1, 9.7.0