This is an automated email from the ASF dual-hosted git repository.

git-site-role pushed a commit to branch asf-staging
in repository https://gitbox.apache.org/repos/asf/solr-site.git


The following commit(s) were added to refs/heads/asf-staging by this push:
     new 5e9cfa5b1 Automatic Site Publish by Buildbot
5e9cfa5b1 is described below

commit 5e9cfa5b11bf123fb1b9b40f961dc3751b4a113e
Author: buildbot <[email protected]>
AuthorDate: Fri Jan 12 21:24:33 2024 +0000

    Automatic Site Publish by Buildbot
---
 output/feeds/all.atom.xml           | 40 ++++++++++++++++++++-----------------
 output/feeds/solr/security.atom.xml | 38 +++++++++++++++++++----------------
 output/news.html                    | 30 +++++++++++++++-------------
 output/security.html                | 30 +++++++++++++++-------------
 4 files changed, 75 insertions(+), 63 deletions(-)

diff --git a/output/feeds/all.atom.xml b/output/feeds/all.atom.xml
index 059e8b582..8e02c78c7 100644
--- a/output/feeds/all.atom.xml
+++ b/output/feeds/all.atom.xml
@@ -1,23 +1,27 @@
 <?xml version="1.0" encoding="utf-8"?>
-<feed xmlns="http://www.w3.org/2005/Atom";><title>Apache Solr</title><link 
href="/" rel="alternate"></link><link href="/feeds/all.atom.xml" 
rel="self"></link><id>/</id><updated>2024-01-12T00:00:00+00:00</updated><subtitle></subtitle><subtitle></subtitle><entry><title>CVE-2023-50290:
 Apache Solr allows read access to host environment variables</title><link 
href="/cve-2023-50290-apache-solr-allows-read-access-to-host-environment-variables.html"
 rel="alternate"></link><published>2024-01-12T0 [...]
+<feed xmlns="http://www.w3.org/2005/Atom";><title>Apache Solr</title><link 
href="/" rel="alternate"></link><link href="/feeds/all.atom.xml" 
rel="self"></link><id>/</id><updated>2024-01-12T00:00:00+00:00</updated><subtitle></subtitle><subtitle></subtitle><entry><title>CVE-2023-50290:
 Apache Solr allows read access to host environment variables</title><link 
href="/cve-2023-50290-apache-solr-allows-read-access-to-host-environment-variables.html"
 rel="alternate"></link><published>2024-01-12T0 [...]
+Important&lt;/p&gt;
+&lt;p&gt;&lt;strong&gt;Versions Affected:&lt;/strong&gt;&lt;br&gt;
 Solr 9.0 to 9.2.1&lt;/p&gt;
-&lt;p&gt;&lt;strong&gt;Description:&lt;/strong&gt;
+&lt;p&gt;&lt;strong&gt;Description:&lt;/strong&gt;&lt;br&gt;
 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in 
Apache Solr.
 The Solr Metrics API publishes all unprotected environment variables available 
to each Apache Solr instance.
-Users are able to specify which environment variables to hide, however, the 
default …&lt;/p&gt;</summary><content 
type="html">&lt;p&gt;&lt;strong&gt;Versions Affected:&lt;/strong&gt;
+Users are able to specify which environment variables to hide, however 
…&lt;/p&gt;</summary><content 
type="html">&lt;p&gt;&lt;strong&gt;Severity:&lt;/strong&gt;&lt;br&gt;
+Important&lt;/p&gt;
+&lt;p&gt;&lt;strong&gt;Versions Affected:&lt;/strong&gt;&lt;br&gt;
 Solr 9.0 to 9.2.1&lt;/p&gt;
-&lt;p&gt;&lt;strong&gt;Description:&lt;/strong&gt;
+&lt;p&gt;&lt;strong&gt;Description:&lt;/strong&gt;&lt;br&gt;
 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in 
Apache Solr.
 The Solr Metrics API publishes all unprotected environment variables available 
to each Apache Solr instance.
 Users are able to specify which environment variables to hide, however, the 
default list is designed to work for known secret Java system properties.
 Environment variables cannot be strictly defined in Solr, like Java system 
properties can be, and may be set for the entire host, unlike Java system 
properties which are set per-Java-process.&lt;/p&gt;
 &lt;p&gt;The Solr Metrics API is protected by the "metrics-read" permission.
 Therefore, Solr Clouds with Authorization setup will only be vulnerable via 
users with the "metrics-read" permission.&lt;/p&gt;
-&lt;p&gt;&lt;strong&gt;Mitigation:&lt;/strong&gt;
+&lt;p&gt;&lt;strong&gt;Mitigation:&lt;/strong&gt;&lt;br&gt;
 Users are recommended to upgrade to version 9.3.0 or later, in which 
environment variables are not published via the Metrics API.&lt;/p&gt;
-&lt;p&gt;&lt;strong&gt;References:&lt;/strong&gt;
-https://nvd.nist.gov/vuln/detail/CVE-2023-50290
-https://issues.apache.org/jira/browse/SOLR-16808&lt;/p&gt;</content><category 
term="solr/security"></category></entry><entry><title>Apache Solr Operator™ 
v0.8.0 available</title><link 
href="/apache-solr-operatortm-v080-available.html" 
rel="alternate"></link><published>2023-10-20T00:00:00+00:00</published><updated>2023-10-20T00:00:00+00:00</updated><author><name>Solr
 
Developers</name></author><id>tag:None,2023-10-20:/apache-solr-operatortm-v080-available.html</id><summary
 type="html">&lt; [...]
+&lt;p&gt;&lt;strong&gt;References:&lt;/strong&gt;&lt;br&gt;
+JIRA - &lt;a 
href="https://issues.apache.org/jira/browse/SOLR-16808"&gt;SOLR-15233&lt;/a&gt;&lt;br&gt;
+CVE - &lt;a 
href="https://nvd.nist.gov/vuln/detail/CVE-2023-50290"&gt;CVE-2023-50290&lt;/a&gt;&lt;/p&gt;</content><category
 term="solr/security"></category></entry><entry><title>Apache Solr Operator™ 
v0.8.0 available</title><link 
href="/apache-solr-operatortm-v080-available.html" 
rel="alternate"></link><published>2023-10-20T00:00:00+00:00</published><updated>2023-10-20T00:00:00+00:00</updated><author><name>Solr
 Developers</name></author><id>tag:None,2023-10-20:/apache-solr-operatortm-v08 
[...]
 &lt;p&gt;The Apache Solr Operator is a safe and easy way of managing a Solr 
ecosystem in Kubernetes.&lt;/p&gt;
 &lt;p&gt;This release contains numerous bug fixes, optimizations, and 
improvements, some of which are highlighted below …&lt;/p&gt;</summary><content 
type="html">&lt;p&gt;The Apache Solr PMC is pleased to announce the release of 
the Apache Solr Operator v0.8.0.&lt;/p&gt;
 &lt;p&gt;The Apache Solr Operator is a safe and easy way of managing a Solr 
ecosystem in Kubernetes.&lt;/p&gt;
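Review bot: the new JIRA link for the CVE-2023-50290 entry has mismatched text and target: the anchor reads `SOLR-15233` but its `href` is `https://issues.apache.org/jira/browse/SOLR-16808`, which is also the issue the removed plain-URL References line pointed at. A reader who copies the visible id will look up the wrong issue; the link text should be `SOLR-16808`. Since `output/` is what Buildbot publishes, the fix belongs in the advisory source that generates this feed, not in the rendered file.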
@@ -209,28 +213,28 @@ 
https://issues.apache.org/jira/browse/SOLR-16808&lt;/p&gt;</content><category te
 &lt;p&gt;Please refer to the Upgrade Notes in the Solr Ref Guide for 
information on upgrading from previous Solr versions:&lt;/p&gt;
 &lt;p&gt;&lt;a 
href="https://solr.apache.org/guide/solr/9_1/upgrade-notes/solr-upgrade-notes.html"&gt;https://solr.apache.org/guide/solr/9_1/upgrade-notes/solr-upgrade-notes.html&lt;/a&gt;&lt;/p&gt;
 &lt;p&gt;Please read CHANGES.txt for a full list of bugfixes:&lt;/p&gt;
-&lt;p&gt;&lt;a 
href="https://solr.apache.org/9_1_1/changes/Changes.html"&gt;https://solr.apache.org/9_1_1/changes/Changes.html&lt;/a&gt;&lt;/p&gt;</content><category
 term="solr/news"></category></entry><entry><title>Apache Solr is vulnerable to 
CVE-2022-39135 via /sql handler</title><link 
href="/apache-solr-is-vulnerable-to-cve-2022-39135-via-sql-handler.html" 
rel="alternate"></link><published>2022-11-20T00:00:00+00:00</published><updated>2022-11-20T00:00:00+00:00</updated><author><name>
 [...]
+&lt;p&gt;&lt;a 
href="https://solr.apache.org/9_1_1/changes/Changes.html"&gt;https://solr.apache.org/9_1_1/changes/Changes.html&lt;/a&gt;&lt;/p&gt;</content><category
 term="solr/news"></category></entry><entry><title>Apache Solr is vulnerable to 
CVE-2022-39135 via /sql handler</title><link 
href="/apache-solr-is-vulnerable-to-cve-2022-39135-via-sql-handler.html" 
rel="alternate"></link><published>2022-11-20T00:00:00+00:00</published><updated>2022-11-20T00:00:00+00:00</updated><author><name>
 [...]
 Solr 6.5 to 8.11.2
 Solr 9.0&lt;/p&gt;
-&lt;p&gt;&lt;strong&gt;Description:&lt;/strong&gt;
-Apache Calcite has a vulnerability, CVE-2022-39135, that is exploitable in 
Apache Solr in SolrCloud mode.  If an untrusted user can supply SQL queries to 
Solr’s “/sql” handler (even indirectly via proxies / other apps), then the user 
…&lt;/p&gt;</summary><content type="html">&lt;p&gt;&lt;strong&gt;Versions 
Affected:&lt;/strong&gt;
+&lt;p&gt;&lt;strong&gt;Description:&lt;/strong&gt;&lt;br&gt;
+Apache Calcite has a vulnerability, CVE-2022-39135, that is exploitable in 
Apache Solr in SolrCloud mode.  If an untrusted user can supply SQL queries to 
Solr’s “/sql” handler (even indirectly via proxies / other apps), then the user 
…&lt;/p&gt;</summary><content type="html">&lt;p&gt;&lt;strong&gt;Versions 
Affected:&lt;/strong&gt;&lt;br&gt;
 Solr 6.5 to 8.11.2
 Solr 9.0&lt;/p&gt;
-&lt;p&gt;&lt;strong&gt;Description:&lt;/strong&gt;
+&lt;p&gt;&lt;strong&gt;Description:&lt;/strong&gt;&lt;br&gt;
 Apache Calcite has a vulnerability, CVE-2022-39135, that is exploitable in 
Apache Solr in SolrCloud mode.  If an untrusted user can supply SQL queries to 
Solr’s “/sql” handler (even indirectly via proxies / other apps), then the user 
could perform an XML External Entity (XXE) attack.  This might have been 
exposed by some deployers of Solr in order for internal analysts to use JDBC 
based tooling, but would have unlikely been granted to wider 
audiences.&lt;/p&gt;
-&lt;p&gt;&lt;strong&gt;Impact:&lt;/strong&gt;
+&lt;p&gt;&lt;strong&gt;Impact:&lt;/strong&gt;&lt;br&gt;
 An XXE attack may lead to the disclosure of confidential data, denial of 
service, server side request forgery (SSRF), port scanning from the Solr node, 
and other system impacts.&lt;/p&gt;
-&lt;p&gt;&lt;strong&gt;Mitigation:&lt;/strong&gt;
+&lt;p&gt;&lt;strong&gt;Mitigation:&lt;/strong&gt;&lt;br&gt;
 Most Solr installations don’t make use of the SQL functionality.  For such 
users, the standard Solr security advice of using a firewall should be 
adequate.  Nonetheless, the functionality can be disabled.  As of Solr 9, it 
has been modularized and thus became opt-in, so nothing is needed for Solr 9 
users that don’t use it.  Users &lt;em&gt;not&lt;/em&gt; using SolrCloud can’t 
use the functionality at all.  For other users that wish to disable it, you 
must register a request handler that  [...]
 &lt;div 
class="codehilite"&gt;&lt;pre&gt;&lt;span&gt;&lt;/span&gt;&lt;code&gt;&lt;span 
class="err"&gt;  &amp;lt;requestHandler name=&amp;quot;/sql&amp;quot; 
class=&amp;quot;solr.NotFoundRequestHandler&amp;quot;/&amp;gt;&lt;/span&gt;
 &lt;/code&gt;&lt;/pre&gt;&lt;/div&gt;
 
 &lt;p&gt;Users needing this SQL functionality are forced to upgrade to Solr 
9.1.  If Solr 8.11.3 is released, then it will be an option as well.  Simply 
replacing Calcite and other JAR files may mostly work but could fail depending 
on the particulars of the query.  Users interested in this or in patching their 
own versions of Solr should examine SOLR-16421 for a source patch.&lt;/p&gt;
-&lt;p&gt;&lt;strong&gt;Credit:&lt;/strong&gt;
+&lt;p&gt;&lt;strong&gt;Credit:&lt;/strong&gt;&lt;br&gt;
 Andreas Hubold at CoreMedia GmbH&lt;/p&gt;
-&lt;p&gt;&lt;strong&gt;References:&lt;/strong&gt;
-https://nvd.nist.gov/vuln/detail/CVE-2022-39135
-https://issues.apache.org/jira/browse/SOLR-16421&lt;/p&gt;</content><category 
term="solr/security"></category></entry><entry><title>Apache Solr™ 9.1.0 
available</title><link href="/apache-solrtm-910-available.html" 
rel="alternate"></link><published>2022-11-17T00:00:00+00:00</published><updated>2022-11-17T00:00:00+00:00</updated><author><name>Solr
 
Developers</name></author><id>tag:None,2022-11-17:/apache-solrtm-910-available.html</id><summary
 type="html">&lt;p&gt;The Solr PMC is pleased t [...]
+&lt;p&gt;&lt;strong&gt;References:&lt;/strong&gt;&lt;br&gt;
+JIRA - &lt;a 
href="https://issues.apache.org/jira/browse/SOLR-16421"&gt;SOLR-16421&lt;/a&gt;&lt;br&gt;
+CVE - &lt;a 
href="https://nvd.nist.gov/vuln/detail/CVE-2022-39135"&gt;CVE-2022-39135&lt;/a&gt;&lt;/p&gt;</content><category
 term="solr/security"></category></entry><entry><title>Apache Solr™ 9.1.0 
available</title><link href="/apache-solrtm-910-available.html" 
rel="alternate"></link><published>2022-11-17T00:00:00+00:00</published><updated>2022-11-17T00:00:00+00:00</updated><author><name>Solr
 
Developers</name></author><id>tag:None,2022-11-17:/apache-solrtm-910-available.html</id><summary
  [...]
 &lt;p&gt;Solr is the popular, blazing fast, open source NoSQL search platform 
from the Apache Solr project. Its major features include powerful full-text 
search, hit highlighting, faceted search, dynamic clustering, database 
integration, rich document handling, and …&lt;/p&gt;</summary><content 
type="html">&lt;p&gt;The Solr PMC is pleased to announce the release of Apache 
Solr 9.1.0.&lt;/p&gt;
 &lt;p&gt;Solr is the popular, blazing fast, open source NoSQL search platform 
from the Apache Solr project. Its major features include powerful full-text 
search, hit highlighting, faceted search, dynamic clustering, database 
integration, rich document handling, and geospatial search. Solr is highly 
scalable, providing fault tolerant distributed search and indexing, and powers 
the search and navigation features of many of the world's largest internet 
sites.&lt;/p&gt;
 &lt;p&gt;Solr 9.1.0 is available for immediate download at:&lt;/p&gt;
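Review bot: the CVE-2022-39135 entry still opens at `Versions Affected:` with no `Severity:` field, while the CVE-2023-50290 entry in the same feed now gains `Severity: Important` and the CVE-2021-44548 entry in the security feed carries `Moderate`. If a severity rating exists for the Calcite XXE advisory, adding the same field here keeps the feed entries uniform for anything that parses them field by field; if none was assigned, leaving it out is acceptable but worth a deliberate decision rather than an oversight.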
diff --git a/output/feeds/solr/security.atom.xml 
b/output/feeds/solr/security.atom.xml
index acb1eef82..305bb45a6 100644
--- a/output/feeds/solr/security.atom.xml
+++ b/output/feeds/solr/security.atom.xml
@@ -1,44 +1,48 @@
 <?xml version="1.0" encoding="utf-8"?>
-<feed xmlns="http://www.w3.org/2005/Atom";><title>Apache Solr - 
solr/security</title><link href="/" rel="alternate"></link><link 
href="/feeds/solr/security.atom.xml" 
rel="self"></link><id>/</id><updated>2024-01-12T00:00:00+00:00</updated><subtitle></subtitle><subtitle></subtitle><entry><title>CVE-2023-50290:
 Apache Solr allows read access to host environment variables</title><link 
href="/cve-2023-50290-apache-solr-allows-read-access-to-host-environment-variables.html"
 rel="alternate"></li [...]
+<feed xmlns="http://www.w3.org/2005/Atom";><title>Apache Solr - 
solr/security</title><link href="/" rel="alternate"></link><link 
href="/feeds/solr/security.atom.xml" 
rel="self"></link><id>/</id><updated>2024-01-12T00:00:00+00:00</updated><subtitle></subtitle><subtitle></subtitle><entry><title>CVE-2023-50290:
 Apache Solr allows read access to host environment variables</title><link 
href="/cve-2023-50290-apache-solr-allows-read-access-to-host-environment-variables.html"
 rel="alternate"></li [...]
+Important&lt;/p&gt;
+&lt;p&gt;&lt;strong&gt;Versions Affected:&lt;/strong&gt;&lt;br&gt;
 Solr 9.0 to 9.2.1&lt;/p&gt;
-&lt;p&gt;&lt;strong&gt;Description:&lt;/strong&gt;
+&lt;p&gt;&lt;strong&gt;Description:&lt;/strong&gt;&lt;br&gt;
 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in 
Apache Solr.
 The Solr Metrics API publishes all unprotected environment variables available 
to each Apache Solr instance.
-Users are able to specify which environment variables to hide, however, the 
default …&lt;/p&gt;</summary><content 
type="html">&lt;p&gt;&lt;strong&gt;Versions Affected:&lt;/strong&gt;
+Users are able to specify which environment variables to hide, however 
…&lt;/p&gt;</summary><content 
type="html">&lt;p&gt;&lt;strong&gt;Severity:&lt;/strong&gt;&lt;br&gt;
+Important&lt;/p&gt;
+&lt;p&gt;&lt;strong&gt;Versions Affected:&lt;/strong&gt;&lt;br&gt;
 Solr 9.0 to 9.2.1&lt;/p&gt;
-&lt;p&gt;&lt;strong&gt;Description:&lt;/strong&gt;
+&lt;p&gt;&lt;strong&gt;Description:&lt;/strong&gt;&lt;br&gt;
 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in 
Apache Solr.
 The Solr Metrics API publishes all unprotected environment variables available 
to each Apache Solr instance.
 Users are able to specify which environment variables to hide, however, the 
default list is designed to work for known secret Java system properties.
 Environment variables cannot be strictly defined in Solr, like Java system 
properties can be, and may be set for the entire host, unlike Java system 
properties which are set per-Java-process.&lt;/p&gt;
 &lt;p&gt;The Solr Metrics API is protected by the "metrics-read" permission.
 Therefore, Solr Clouds with Authorization setup will only be vulnerable via 
users with the "metrics-read" permission.&lt;/p&gt;
-&lt;p&gt;&lt;strong&gt;Mitigation:&lt;/strong&gt;
+&lt;p&gt;&lt;strong&gt;Mitigation:&lt;/strong&gt;&lt;br&gt;
 Users are recommended to upgrade to version 9.3.0 or later, in which 
environment variables are not published via the Metrics API.&lt;/p&gt;
-&lt;p&gt;&lt;strong&gt;References:&lt;/strong&gt;
-https://nvd.nist.gov/vuln/detail/CVE-2023-50290
-https://issues.apache.org/jira/browse/SOLR-16808&lt;/p&gt;</content><category 
term="solr/security"></category></entry><entry><title>Apache Solr is vulnerable 
to CVE-2022-39135 via /sql handler</title><link 
href="/apache-solr-is-vulnerable-to-cve-2022-39135-via-sql-handler.html" 
rel="alternate"></link><published>2022-11-20T00:00:00+00:00</published><updated>2022-11-20T00:00:00+00:00</updated><author><name>Solr
 
Developers</name></author><id>tag:None,2022-11-20:/apache-solr-is-vulnerable-to 
[...]
+&lt;p&gt;&lt;strong&gt;References:&lt;/strong&gt;&lt;br&gt;
+JIRA - &lt;a 
href="https://issues.apache.org/jira/browse/SOLR-16808"&gt;SOLR-15233&lt;/a&gt;&lt;br&gt;
+CVE - &lt;a 
href="https://nvd.nist.gov/vuln/detail/CVE-2023-50290"&gt;CVE-2023-50290&lt;/a&gt;&lt;/p&gt;</content><category
 term="solr/security"></category></entry><entry><title>Apache Solr is 
vulnerable to CVE-2022-39135 via /sql handler</title><link 
href="/apache-solr-is-vulnerable-to-cve-2022-39135-via-sql-handler.html" 
rel="alternate"></link><published>2022-11-20T00:00:00+00:00</published><updated>2022-11-20T00:00:00+00:00</updated><author><name>Solr
 Developers</name></author><id>tag [...]
 Solr 6.5 to 8.11.2
 Solr 9.0&lt;/p&gt;
-&lt;p&gt;&lt;strong&gt;Description:&lt;/strong&gt;
-Apache Calcite has a vulnerability, CVE-2022-39135, that is exploitable in 
Apache Solr in SolrCloud mode.  If an untrusted user can supply SQL queries to 
Solr’s “/sql” handler (even indirectly via proxies / other apps), then the user 
…&lt;/p&gt;</summary><content type="html">&lt;p&gt;&lt;strong&gt;Versions 
Affected:&lt;/strong&gt;
+&lt;p&gt;&lt;strong&gt;Description:&lt;/strong&gt;&lt;br&gt;
+Apache Calcite has a vulnerability, CVE-2022-39135, that is exploitable in 
Apache Solr in SolrCloud mode.  If an untrusted user can supply SQL queries to 
Solr’s “/sql” handler (even indirectly via proxies / other apps), then the user 
…&lt;/p&gt;</summary><content type="html">&lt;p&gt;&lt;strong&gt;Versions 
Affected:&lt;/strong&gt;&lt;br&gt;
 Solr 6.5 to 8.11.2
 Solr 9.0&lt;/p&gt;
-&lt;p&gt;&lt;strong&gt;Description:&lt;/strong&gt;
+&lt;p&gt;&lt;strong&gt;Description:&lt;/strong&gt;&lt;br&gt;
 Apache Calcite has a vulnerability, CVE-2022-39135, that is exploitable in 
Apache Solr in SolrCloud mode.  If an untrusted user can supply SQL queries to 
Solr’s “/sql” handler (even indirectly via proxies / other apps), then the user 
could perform an XML External Entity (XXE) attack.  This might have been 
exposed by some deployers of Solr in order for internal analysts to use JDBC 
based tooling, but would have unlikely been granted to wider 
audiences.&lt;/p&gt;
-&lt;p&gt;&lt;strong&gt;Impact:&lt;/strong&gt;
+&lt;p&gt;&lt;strong&gt;Impact:&lt;/strong&gt;&lt;br&gt;
 An XXE attack may lead to the disclosure of confidential data, denial of 
service, server side request forgery (SSRF), port scanning from the Solr node, 
and other system impacts.&lt;/p&gt;
-&lt;p&gt;&lt;strong&gt;Mitigation:&lt;/strong&gt;
+&lt;p&gt;&lt;strong&gt;Mitigation:&lt;/strong&gt;&lt;br&gt;
 Most Solr installations don’t make use of the SQL functionality.  For such 
users, the standard Solr security advice of using a firewall should be 
adequate.  Nonetheless, the functionality can be disabled.  As of Solr 9, it 
has been modularized and thus became opt-in, so nothing is needed for Solr 9 
users that don’t use it.  Users &lt;em&gt;not&lt;/em&gt; using SolrCloud can’t 
use the functionality at all.  For other users that wish to disable it, you 
must register a request handler that  [...]
 &lt;div 
class="codehilite"&gt;&lt;pre&gt;&lt;span&gt;&lt;/span&gt;&lt;code&gt;&lt;span 
class="err"&gt;  &amp;lt;requestHandler name=&amp;quot;/sql&amp;quot; 
class=&amp;quot;solr.NotFoundRequestHandler&amp;quot;/&amp;gt;&lt;/span&gt;
 &lt;/code&gt;&lt;/pre&gt;&lt;/div&gt;
 
 &lt;p&gt;Users needing this SQL functionality are forced to upgrade to Solr 
9.1.  If Solr 8.11.3 is released, then it will be an option as well.  Simply 
replacing Calcite and other JAR files may mostly work but could fail depending 
on the particulars of the query.  Users interested in this or in patching their 
own versions of Solr should examine SOLR-16421 for a source patch.&lt;/p&gt;
-&lt;p&gt;&lt;strong&gt;Credit:&lt;/strong&gt;
+&lt;p&gt;&lt;strong&gt;Credit:&lt;/strong&gt;&lt;br&gt;
 Andreas Hubold at CoreMedia GmbH&lt;/p&gt;
-&lt;p&gt;&lt;strong&gt;References:&lt;/strong&gt;
-https://nvd.nist.gov/vuln/detail/CVE-2022-39135
-https://issues.apache.org/jira/browse/SOLR-16421&lt;/p&gt;</content><category 
term="solr/security"></category></entry><entry><title>CVE-2021-44548: Apache 
Solr information disclosure vulnerability through 
DataImportHandler</title><link 
href="/cve-2021-44548-apache-solr-information-disclosure-vulnerability-through-dataimporthandler.html"
 
rel="alternate"></link><published>2021-12-18T00:00:00+00:00</published><updated>2021-12-18T00:00:00+00:00</updated><author><name>Solr
 Developers</name></ [...]
+&lt;p&gt;&lt;strong&gt;References:&lt;/strong&gt;&lt;br&gt;
+JIRA - &lt;a 
href="https://issues.apache.org/jira/browse/SOLR-16421"&gt;SOLR-16421&lt;/a&gt;&lt;br&gt;
+CVE - &lt;a 
href="https://nvd.nist.gov/vuln/detail/CVE-2022-39135"&gt;CVE-2022-39135&lt;/a&gt;&lt;/p&gt;</content><category
 term="solr/security"></category></entry><entry><title>CVE-2021-44548: Apache 
Solr information disclosure vulnerability through 
DataImportHandler</title><link 
href="/cve-2021-44548-apache-solr-information-disclosure-vulnerability-through-dataimporthandler.html"
 
rel="alternate"></link><published>2021-12-18T00:00:00+00:00</published><updated>2021-12-18T00:00:00+00:00</
 [...]
 Moderate&lt;/p&gt;
 &lt;p&gt;&lt;strong&gt;Versions Affected:&lt;/strong&gt;&lt;br&gt;
 All versions prior to 8.11.1. Affected platforms: Windows.&lt;/p&gt;
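Review bot: the References block added for CVE-2023-50290 links the text `SOLR-15233` to `https://issues.apache.org/jira/browse/SOLR-16808`; the href matches the removed plain-URL line, so the visible id is the typo and should read `SOLR-16808`. The same rendered advisory appears in `all.atom.xml`, `news.html` and `security.html`, so correcting it once in the advisory source will fix all four outputs on the next publish.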
diff --git a/output/news.html b/output/news.html
index aefa4ebf9..c6d66f2fd 100644
--- a/output/news.html
+++ b/output/news.html
@@ -135,20 +135,22 @@
   <h2 
id="cve-2023-50290-apache-solr-allows-read-access-to-host-environment-variables">12
 January 2024, CVE-2023-50290: Apache Solr allows read access to host 
environment variables
     <a class="headerlink" 
href="#cve-2023-50290-apache-solr-allows-read-access-to-host-environment-variables"
 title="Permanent link">¶</a>
   </h2>
-  <p><strong>Versions Affected:</strong>
+  <p><strong>Severity:</strong><br>
+Important</p>
+<p><strong>Versions Affected:</strong><br>
 Solr 9.0 to 9.2.1</p>
-<p><strong>Description:</strong>
+<p><strong>Description:</strong><br>
 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in 
Apache Solr.
 The Solr Metrics API publishes all unprotected environment variables available 
to each Apache Solr instance.
 Users are able to specify which environment variables to hide, however, the 
default list is designed to work for known secret Java system properties.
 Environment variables cannot be strictly defined in Solr, like Java system 
properties can be, and may be set for the entire host, unlike Java system 
properties which are set per-Java-process.</p>
 <p>The Solr Metrics API is protected by the "metrics-read" permission.
 Therefore, Solr Clouds with Authorization setup will only be vulnerable via 
users with the "metrics-read" permission.</p>
-<p><strong>Mitigation:</strong>
+<p><strong>Mitigation:</strong><br>
 Users are recommended to upgrade to version 9.3.0 or later, in which 
environment variables are not published via the Metrics API.</p>
-<p><strong>References:</strong>
-https://nvd.nist.gov/vuln/detail/CVE-2023-50290
-https://issues.apache.org/jira/browse/SOLR-16808</p>
+<p><strong>References:</strong><br>
+JIRA - <a 
href="https://issues.apache.org/jira/browse/SOLR-16808";>SOLR-15233</a><br>
+CVE - <a 
href="https://nvd.nist.gov/vuln/detail/CVE-2023-50290";>CVE-2023-50290</a></p>
   <h2 id="apache-solrtm-940-available">15 October 2023, Apache Solr™ 9.4.0 
available
     <a class="headerlink" href="#apache-solrtm-940-available" title="Permanent 
link">¶</a>
   </h2>
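Review bot: the JIRA anchor in the new References paragraph shows `SOLR-15233` as its text while its `href` targets `SOLR-16808`; the text should be `SOLR-16808` to match the issue it links to and the old plain-URL reference it replaces. Separately, the added `href` attributes appear as `href="https://issues.apache.org/jira/browse/SOLR-16808";>` with a `;` between the closing quote and `>`; if that semicolon is present in the generated HTML rather than inserted by the mail archive, it is a stray attribute token and should be removed.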
@@ -296,24 +298,24 @@ https://issues.apache.org/jira/browse/SOLR-16808</p>
   <h2 id="apache-solr-is-vulnerable-to-cve-2022-39135-via-sql-handler">20 
November 2022, Apache Solr is vulnerable to CVE-2022-39135 via /sql handler
     <a class="headerlink" 
href="#apache-solr-is-vulnerable-to-cve-2022-39135-via-sql-handler" 
title="Permanent link">¶</a>
   </h2>
-  <p><strong>Versions Affected:</strong>
+  <p><strong>Versions Affected:</strong><br>
 Solr 6.5 to 8.11.2
 Solr 9.0</p>
-<p><strong>Description:</strong>
+<p><strong>Description:</strong><br>
 Apache Calcite has a vulnerability, CVE-2022-39135, that is exploitable in 
Apache Solr in SolrCloud mode.  If an untrusted user can supply SQL queries to 
Solr’s “/sql” handler (even indirectly via proxies / other apps), then the user 
could perform an XML External Entity (XXE) attack.  This might have been 
exposed by some deployers of Solr in order for internal analysts to use JDBC 
based tooling, but would have unlikely been granted to wider audiences.</p>
-<p><strong>Impact:</strong>
+<p><strong>Impact:</strong><br>
 An XXE attack may lead to the disclosure of confidential data, denial of 
service, server side request forgery (SSRF), port scanning from the Solr node, 
and other system impacts.</p>
-<p><strong>Mitigation:</strong>
+<p><strong>Mitigation:</strong><br>
 Most Solr installations don’t make use of the SQL functionality.  For such 
users, the standard Solr security advice of using a firewall should be 
adequate.  Nonetheless, the functionality can be disabled.  As of Solr 9, it 
has been modularized and thus became opt-in, so nothing is needed for Solr 9 
users that don’t use it.  Users <em>not</em> using SolrCloud can’t use the 
functionality at all.  For other users that wish to disable it, you must 
register a request handler that masks the un [...]
 <div class="codehilite"><pre><span></span><code><span class="err">  
&lt;requestHandler name=&quot;/sql&quot; 
class=&quot;solr.NotFoundRequestHandler&quot;/&gt;</span>
 </code></pre></div>
 
 <p>Users needing this SQL functionality are forced to upgrade to Solr 9.1.  If 
Solr 8.11.3 is released, then it will be an option as well.  Simply replacing 
Calcite and other JAR files may mostly work but could fail depending on the 
particulars of the query.  Users interested in this or in patching their own 
versions of Solr should examine SOLR-16421 for a source patch.</p>
-<p><strong>Credit:</strong>
+<p><strong>Credit:</strong><br>
 Andreas Hubold at CoreMedia GmbH</p>
-<p><strong>References:</strong>
-https://nvd.nist.gov/vuln/detail/CVE-2022-39135
-https://issues.apache.org/jira/browse/SOLR-16421</p>
+<p><strong>References:</strong><br>
+JIRA - <a 
href="https://issues.apache.org/jira/browse/SOLR-16421";>SOLR-16421</a><br>
+CVE - <a 
href="https://nvd.nist.gov/vuln/detail/CVE-2022-39135";>CVE-2022-39135</a></p>
   <h2 id="apache-solrtm-910-available">17 November 2022, Apache Solr™ 9.1.0 
available
     <a class="headerlink" href="#apache-solrtm-910-available" title="Permanent 
link">¶</a>
   </h2>
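Review bot: the `<br>` added after `Versions Affected:` does not carry through to the two version ranges that follow it, `Solr 6.5 to 8.11.2` and `Solr 9.0`, which are separated only by a newline and will therefore render on a single line in the browser; inserting a `<br>` between them (as was done after each label) would preserve the intended one-range-per-line layout. The `<requestHandler name="/sql" class="solr.NotFoundRequestHandler"/>` snippet in the Mitigation paragraph is also wrapped in `<span class="err">`, which indicates the highlighter could not lex it; tagging that fenced block as `xml` in the source would give proper markup highlighting.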
diff --git a/output/security.html b/output/security.html
index c12cc323d..80ef57c43 100644
--- a/output/security.html
+++ b/output/security.html
@@ -267,42 +267,44 @@ with you to see if we can provide this information in 
other variations or format
   <h2 
id="cve-2023-50290-apache-solr-allows-read-access-to-host-environment-variables">2024-01-12,
 CVE-2023-50290: Apache Solr allows read access to host environment variables
     <a class="headerlink" 
href="#cve-2023-50290-apache-solr-allows-read-access-to-host-environment-variables"
 title="Permanent link">¶</a>
   </h2>
-  <p><strong>Versions Affected:</strong>
+  <p><strong>Severity:</strong><br>
+Important</p>
+<p><strong>Versions Affected:</strong><br>
 Solr 9.0 to 9.2.1</p>
-<p><strong>Description:</strong>
+<p><strong>Description:</strong><br>
 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in 
Apache Solr.
 The Solr Metrics API publishes all unprotected environment variables available 
to each Apache Solr instance.
 Users are able to specify which environment variables to hide, however, the 
default list is designed to work for known secret Java system properties.
 Environment variables cannot be strictly defined in Solr, like Java system 
properties can be, and may be set for the entire host, unlike Java system 
properties which are set per-Java-process.</p>
 <p>The Solr Metrics API is protected by the "metrics-read" permission.
 Therefore, Solr Clouds with Authorization setup will only be vulnerable via 
users with the "metrics-read" permission.</p>
-<p><strong>Mitigation:</strong>
+<p><strong>Mitigation:</strong><br>
 Users are recommended to upgrade to version 9.3.0 or later, in which 
environment variables are not published via the Metrics API.</p>
-<p><strong>References:</strong>
-https://nvd.nist.gov/vuln/detail/CVE-2023-50290
-https://issues.apache.org/jira/browse/SOLR-16808</p>
+<p><strong>References:</strong><br>
+JIRA - <a 
href="https://issues.apache.org/jira/browse/SOLR-16808";>SOLR-15233</a><br>
+CVE - <a 
href="https://nvd.nist.gov/vuln/detail/CVE-2023-50290";>CVE-2023-50290</a></p>
   <hr/>
   <h2 
id="apache-solr-is-vulnerable-to-cve-2022-39135-via-sql-handler">2022-11-20, 
Apache Solr is vulnerable to CVE-2022-39135 via /sql handler
     <a class="headerlink" 
href="#apache-solr-is-vulnerable-to-cve-2022-39135-via-sql-handler" 
title="Permanent link">¶</a>
   </h2>
-  <p><strong>Versions Affected:</strong>
+  <p><strong>Versions Affected:</strong><br>
 Solr 6.5 to 8.11.2
 Solr 9.0</p>
-<p><strong>Description:</strong>
+<p><strong>Description:</strong><br>
 Apache Calcite has a vulnerability, CVE-2022-39135, that is exploitable in 
Apache Solr in SolrCloud mode.  If an untrusted user can supply SQL queries to 
Solr’s “/sql” handler (even indirectly via proxies / other apps), then the user 
could perform an XML External Entity (XXE) attack.  This might have been 
exposed by some deployers of Solr in order for internal analysts to use JDBC 
based tooling, but would have unlikely been granted to wider audiences.</p>
-<p><strong>Impact:</strong>
+<p><strong>Impact:</strong><br>
 An XXE attack may lead to the disclosure of confidential data, denial of 
service, server side request forgery (SSRF), port scanning from the Solr node, 
and other system impacts.</p>
-<p><strong>Mitigation:</strong>
+<p><strong>Mitigation:</strong><br>
 Most Solr installations don’t make use of the SQL functionality.  For such 
users, the standard Solr security advice of using a firewall should be 
adequate.  Nonetheless, the functionality can be disabled.  As of Solr 9, it 
has been modularized and thus became opt-in, so nothing is needed for Solr 9 
users that don’t use it.  Users <em>not</em> using SolrCloud can’t use the 
functionality at all.  For other users that wish to disable it, you must 
register a request handler that masks the un [...]
 <div class="codehilite"><pre><span></span><code><span class="err">  
&lt;requestHandler name=&quot;/sql&quot; 
class=&quot;solr.NotFoundRequestHandler&quot;/&gt;</span>
 </code></pre></div>
 
 <p>Users needing this SQL functionality are forced to upgrade to Solr 9.1.  If 
Solr 8.11.3 is released, then it will be an option as well.  Simply replacing 
Calcite and other JAR files may mostly work but could fail depending on the 
particulars of the query.  Users interested in this or in patching their own 
versions of Solr should examine SOLR-16421 for a source patch.</p>
-<p><strong>Credit:</strong>
+<p><strong>Credit:</strong><br>
 Andreas Hubold at CoreMedia GmbH</p>
-<p><strong>References:</strong>
-https://nvd.nist.gov/vuln/detail/CVE-2022-39135
-https://issues.apache.org/jira/browse/SOLR-16421</p>
+<p><strong>References:</strong><br>
+JIRA - <a 
href="https://issues.apache.org/jira/browse/SOLR-16421";>SOLR-16421</a><br>
+CVE - <a 
href="https://nvd.nist.gov/vuln/detail/CVE-2022-39135";>CVE-2022-39135</a></p>
   <hr/>
   <h2 
id="cve-2021-44548-apache-solr-information-disclosure-vulnerability-through-dataimporthandler">2021-12-18,
 CVE-2021-44548: Apache Solr information disclosure vulnerability through 
DataImportHandler
     <a class="headerlink" 
href="#cve-2021-44548-apache-solr-information-disclosure-vulnerability-through-dataimporthandler"
 title="Permanent link">¶</a>
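Review bot: the JIRA link text for CVE-2023-50290 reads `SOLR-15233` while its `href` is `https://issues.apache.org/jira/browse/SOLR-16808`, the same issue the removed plain-URL line cited; the visible id should be `SOLR-16808`, and since `security.html` is the page readers will cite, this is the most important place for the fix to land. Within the same hunk, the `Versions Affected` paragraph of the CVE-2022-39135 entry lists `Solr 6.5 to 8.11.2` and `Solr 9.0` on separate source lines without a `<br>` between them, so they will collapse onto one line when rendered; adding the `<br>` there matches the layout change applied to the labels.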
