CVE-2024-52012
published 2025-01-27CVE-2024-52012: Relative Path Traversal vulnerability in Apache Solr. Solr instances running on Windows are vulnerable to arbitrary filepath write-access, due to a lack of…
PriorityP351medium5.4CVSS 3.1
AVNACLPRLUINSUCLILAN
EPSS
43.31%
98.6th percentile
Relative Path Traversal vulnerability in Apache Solr.
Solr instances running on Windows are vulnerable to arbitrary filepath write-access, due to a lack of input-sanitation in the "configset upload" API. Commonly known as a "zipslip", maliciously constructed ZIP files can use relative filepaths to write data to unanticipated parts of the filesystem.
This issue affects Apache Solr: from 6.6 through 9.7.0.
Users are recommended to upgrade to version 9.8.0, which fixes the issue. Users unable to upgrade may also safely prevent the issue by using Solr's "Rule-Based Authentication Plugin" to restrict access to the configset upload API, so that it can only be accessed by a trusted set of administrators/users.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apache | solr | >= 6.6.0 < 9.8.0 | 9.8.0 |
| apache_software_foundation | apache_solr | 6.6 – 9.7.0 | — |
| debian | lucene-solr | — | — |
CVSS provenance
nvdv3.15.4MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
vendor_debian5.4LOW
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
Apache Solr Relative Path Traversal vulnerability
osv·2025-01-27
CVE-2024-52012 [MEDIUM] Apache Solr Relative Path Traversal vulnerability
Apache Solr Relative Path Traversal vulnerability
Relative Path Traversal vulnerability in Apache Solr.
Solr instances running on Windows are vulnerable to arbitrary filepath write-access, due to a lack of input-sanitation in the "configset upload" API. Commonly known as a "zipslip", maliciously constructed ZIP files can use relative filepaths to write data to unanticipated parts of the filesystem.
This issue affects Apache Solr: from 6.6 through 9.7.0.
Users are recommended to upgrade to version 9.8.0, which fixes the issue. Users unable to upgrade may also safely prevent the issue by using Solr's "Rule-Based Authentication Plugin" to restrict access to the configset upload API, so that it can only be accessed by a trusted set of administrators/users.
GHSA
Apache Solr Relative Path Traversal vulnerability
ghsa·2025-01-27
CVE-2024-52012 [MEDIUM] CWE-23 Apache Solr Relative Path Traversal vulnerability
Apache Solr Relative Path Traversal vulnerability
Relative Path Traversal vulnerability in Apache Solr.
Solr instances running on Windows are vulnerable to arbitrary filepath write-access, due to a lack of input-sanitation in the "configset upload" API. Commonly known as a "zipslip", maliciously constructed ZIP files can use relative filepaths to write data to unanticipated parts of the filesystem.
This issue affects Apache Solr: from 6.6 through 9.7.0.
Users are recommended to upgrade to version 9.8.0, which fixes the issue. Users unable to upgrade may also safely prevent the issue by using Solr's "Rule-Based Authentication Plugin" to restrict access to the configset upload API, so that it can only be accessed by a trusted set of administrators/users.
Debian
CVE-2024-52012: lucene-solr - Relative Path Traversal vulnerability in Apache Solr. Solr instances running on...
vendor_debian·2024·CVSS 5.4
CVE-2024-52012 [MEDIUM] CVE-2024-52012: lucene-solr - Relative Path Traversal vulnerability in Apache Solr. Solr instances running on...
Relative Path Traversal vulnerability in Apache Solr. Solr instances running on Windows are vulnerable to arbitrary filepath write-access, due to a lack of input-sanitation in the "configset upload" API. Commonly known as a "zipslip", maliciously constructed ZIP files can use relative filepaths to write data to unanticipated parts of the filesystem. This issue affects Apache Solr: from 6.6 through 9.7.0. Users are recommended to upgrade to version 9.8.0, which fixes the issue. Users unable to upgrade may also safely prevent the issue by using Solr's "Rule-Based Authentication Plugin" to restrict access to the configset upload API, so that it can only be accessed by a trusted set of administrators/users.
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie
Suricata
ET WEB_SPECIFIC_APPS Apache Solr ConfigSet APIv1 Upload Relative Path Traversal (CVE-2024-52012)
suricata·2025-01-29·CVSS 5.4
CVE-2024-52012 [MEDIUM] ET WEB_SPECIFIC_APPS Apache Solr ConfigSet APIv1 Upload Relative Path Traversal (CVE-2024-52012)
ET WEB_SPECIFIC_APPS Apache Solr ConfigSet APIv1 Upload Relative Path Traversal (CVE-2024-52012)
Rule: alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_SPECIFIC_APPS Apache Solr ConfigSet APIv1 Upload Relative Path Traversal (CVE-2024-52012)"; flow:established,to_server; flowbits:isset,ET.ZIP.Symlink.Inbound; http.method; content:"POST"; http.uri; content:"/solr/admin/configs|3f|"; fast_pattern; content:"action|3d|UPLOAD"; nocase; content:"name|3d|"; nocase; http.content_type; content:"application/octet-stream"; reference:url,solr.apache.org/guide/8_9/configsets-api.html; reference:cve,2024-52012; classtype:web-application-attack; sid:2059748; rev:1; metadata:affected_product Apache_Solr, attack_target Server, tls_state TLSDecrypt, created_at 2025_01_29, cve CVE_2024_52012, depl
Suricata
ET WEB_SPECIFIC_APPS Apache Solr ConfigSet APIv2 Upload Relative Path Traversal (CVE-2024-52012)
suricata·2025-01-29·CVSS 5.4
CVE-2024-52012 [MEDIUM] ET WEB_SPECIFIC_APPS Apache Solr ConfigSet APIv2 Upload Relative Path Traversal (CVE-2024-52012)
ET WEB_SPECIFIC_APPS Apache Solr ConfigSet APIv2 Upload Relative Path Traversal (CVE-2024-52012)
Rule: alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_SPECIFIC_APPS Apache Solr ConfigSet APIv2 Upload Relative Path Traversal (CVE-2024-52012)"; flow:established,to_server; flowbits:isset,ET.ZIP.Symlink.Inbound; http.method; content:"POST"; http.uri; content:"/api/cluster/configs/"; fast_pattern; isdataat:1,relative; http.content_type; content:"application/octet-stream"; reference:url,solr.apache.org/guide/8_9/configsets-api.html; reference:cve,2024-52012; classtype:web-application-attack; sid:2059749; rev:1; metadata:affected_product Apache_Solr, attack_target Server, tls_state TLSDecrypt, created_at 2025_01_29, cve CVE_2024_52012, deployment Perimeter, deployment Internal, deploy
No public exploits indexed.
No writeups or analysis indexed.
2025-01-27
Published