CVE-2018-1308

CWE-611 — XML External Entity (XXE)9 documents7 sources

Severity

7.5HIGH

EPSS

5.8%

top 9.52%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apache Solr Apache Software Foundation Apache Solr Debian Debian Linux

Timeline

PublishedApr 9

Latest updateOct 17

Description

This vulnerability in Apache Solr 1.2 to 6.6.2 and 7.0.0 to 7.2.1 relates to an XML external entity expansion (XXE) in the `&dataConfig=` parameter of Solr's DataImportHandler. It can be used as XXE using file/ftp/http protocols in order to read arbitrary local files from the Solr server or the internal network.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages4 packages

▶Mavenorg.apache.solr:solr-core1.2 — 6.6.3+1

▶NVDapache/solr1.2 — 6.6.2+1

▶CVEListV5apache_software_foundation/apache_solr1.2 to 6.6.2, 7.0.0 to 7.2.1+1

▶Debianlucene-solr< 3.6.2+dfsg-12+3

Also affects: Debian Linux 7.0, 8.0, 9.0

🔴Vulnerability Details

GHSA

There is a XML external entity expansion (XXE) vulnerability in Apache Solr↗2018-10-17

▶

OSV

There is a XML external entity expansion (XXE) vulnerability in Apache Solr↗2018-10-17

▶

OSV

CVE-2018-1308: This vulnerability in Apache Solr 1↗2018-04-09

▶

CVEList

CVE-2018-1308: This vulnerability in Apache Solr 1↗2018-04-09

▶

📋Vendor Advisories

Red Hat

Solr: XML external entity expansion in handler/dataimport/DataImporter.java allows remote attackers to read arbitrary files↗2018-02-12

▶

Debian

CVE-2018-1308: lucene-solr - This vulnerability in Apache Solr 1.2 to 6.6.2 and 7.0.0 to 7.2.1 relates to an ...↗2018

▶

💬Community

Bugzilla

CVE-2018-1308 solr3: Solr: XML external entity expansion in handler/dataimport/DataImporter.java allows remote attackers to read arbitrary files [fedora-all]↗2018-04-09

▶

Bugzilla

CVE-2018-1308 Solr: XML external entity expansion in handler/dataimport/DataImporter.java allows remote attackers to read arbitrary files↗2018-04-09

▶