CVE-2013-6397: Path Traversal in Apache Solr

CWE-22 Path Traversal | 10 documents | 9 sources
Severity: 4.3 MEDIUM (NVD)
EPSS: 92.2% (top 0.29%)
CISA KEV: Not in KEV
Exploit: No known exploits
Affected products
Timeline
Published: Dec 7
Latest update: May 17

Description

Directory traversal vulnerability in SolrResourceLoader in Apache Solr before 4.6 allows remote attackers to read arbitrary files via a .. (dot dot) or full pathname in the tr parameter to solr/select/, when the response writer (wt parameter) is set to XSLT. NOTE: this can be leveraged using a separate XXE (XML eXternal Entity) vulnerability to allow access to files across restricted network boundaries.

CVSS vector

AV:N/AC:M/C:P/I:N/A:N
Exploitability: 8.6 | Impact: 2.9

Affected Packages (1 package)

NVD: apache/solr 4.5.1 (+8)

Patches

🔴 Vulnerability Details (5)

GHSA: Improper Limitation of a Pathname to a Restricted Directory in Apache Solr (2022-05-17)
OSV: Improper Limitation of a Pathname to a Restricted Directory in Apache Solr (2022-05-17)
OSV: CVE-2013-6397: Directory traversal vulnerability in SolrResourceLoader in Apache Solr before 4 (2013-12-07)
CVEList: CVE-2013-6397: Directory traversal vulnerability in SolrResourceLoader in Apache Solr before 4 (2013-12-07)
VulnCheck: Apache Solr Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (2013)

🔍 Detection Rules (1)

Suricata: ET INFO Apache Solr System Information Request (2021-01-08)

📋 Vendor Advisories (2)

Red Hat: Solr: directory traversal when loading XSL stylesheets and Velocity templates (2013-11-26)
Debian: CVE-2013-6397: lucene-solr - Directory traversal vulnerability in SolrResourceLoader in Apache Solr before 4.... (2013)

💬 Community (1)

Bugzilla: CVE-2013-6397 Apache Solr: directory traversal when loading XSL stylesheets and Velocity templates (2013-11-27)