“IP address of the original server” is exactly the problem. A Solr server doesn’t/shouldn’t have an IP address that exists outside of the internal network. So even if it didn’t get an IP it would have no vulnerabilities, since it’s not a real IP. The only people or machines that can touch it are already on the network.

On Thu, Apr 7, 2022 at 7:06 PM Vincenzo D'Amore <[email protected]> wrote:

> I don't think this is the point and I agree that Solr should not be
> accessible from the outside world but only from a restricted number of
> clients.
>
> So in my opinion, the OP was trying to explain that, for example, if you
> make an http call to solr through a reverse proxy (or a chain of) with the
> path / the answer is a 302 with the ip address of the original server.
>
>
> On Thu, Apr 7, 2022 at 11:45 PM dmitri maziuk <[email protected]>
> wrote:
>
> > On 2022-04-07 9:56 AM, Anchal Sharma2 wrote:
> > > Hi All,
> > >
> > > It took me a while to get the following information about the detected
> > > vulnerability from the security team.
> > ...
> >
> > Maybe you should educate them about a vulnerability in the `ping`
> > command: if they ping your solr server by its name, it'll tell them the
> > server's ip address.
> >
> > Dima
> >
>
> --
> Vincenzo D'Amore
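
The behaviour discussed in this thread (a 302 through a reverse proxy whose Location header carries the backend's IP address) can be checked for and corrected as sketched below. This is an added example, not part of the original messages or of Solr; the host name, address, port and function names are constructed for illustration.

```python
import ipaddress
from urllib.parse import urlsplit, urlunsplit

REDIRECTS = (301, 302, 303, 307, 308)

def leaked_backend_ip(request_host, status, headers):
    """Return the IP literal exposed by a redirect's Location header, or None.

    headers is a list of (name, value) pairs as received by the client.
    """
    if status not in REDIRECTS:
        return None
    location = next((v for k, v in headers if k.lower() == "location"), None)
    if not location:
        return None
    host = urlsplit(location).hostname  # None for relative redirects such as /solr/
    if host is None or host.lower() == request_host.lower():
        return None
    try:
        return str(ipaddress.ip_address(host))
    except ValueError:
        return None  # a different host name, not an IP literal

def is_internal(ip_text):
    """True for private, loopback or link-local addresses (IPv4 or IPv6)."""
    ip = ipaddress.ip_address(ip_text)
    return ip.is_private or ip.is_loopback or ip.is_link_local

def rewrite_location(location, public_origin):
    """Swap the backend origin for the proxy's public one, keeping path and query.

    This mirrors the redirect rewriting a reverse proxy is normally configured to do.
    """
    loc, pub = urlsplit(location), urlsplit(public_origin)
    return urlunsplit((pub.scheme, pub.netloc, loc.path, loc.query, loc.fragment))

if __name__ == "__main__":
    # Constructed response to "GET /" sent to the proxy's public name.
    sample = [("Content-Length", "0"), ("Location", "http://10.20.30.40:8983/solr/")]
    ip = leaked_backend_ip("search.example.com", 302, sample)
    print("leaked:", ip, "internal:", is_internal(ip))
    print("rewritten:", rewrite_location(sample[1][1], "https://search.example.com"))
```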
