CVE-2019-0192: Input Validation
First published: Thu Mar 07 2019(Updated: )
A flaw was found in the Apache Solr's Config API, where it would permit the configuration of the JMX server via an HTTP POST request. An attacker could use this flaw to direct traffic to a malicious RMI server, and then trigger remote code execution or conduct further attacks.
Credit: security@apache.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apache Solr | >=5.0.0<=5.5.5 | |
| Apache Solr | >=6.0.0<=6.6.5 | |
| Netapp Storage Automation Store |
Remedy
* Upgrade to 6.6.6 or later * Disable the ConifgAPI if not in use (`disable.configEdit=true`) * Use other external means to ensure only trusted traffic is allowed (block POST requests to the config API from external sources)
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.cve.org/CVERecord?id=CVE-2019-0192 https://nvd.nist.gov/vuln/detail/CVE-2019-0192
- https://bugzilla.redhat.com/show_bug.cgi?id=1692345
- https://access.redhat.com/errata/RHSA-2019:2413
- https://access.redhat.com/security/cve/cve-2019-0192
- http://mail-archives.us.apache.org/mod_mbox/www-announce/201903.mbox/%3CCAECwjAV1buZwg%2BMcV9EAQ19MeAWztPVJYD4zGK8kQdADFYij1w%40mail.gmail.com%3E
- http://www.securityfocus.com/bid/107318
- https://lists.apache.org/thread.html/42c5682f4acd1d03bd963e4f47ae448d7cff66c16b19142773818892@%3Cdev.lucene.apache.org%3E
- https://lists.apache.org/thread.html/53e4744b14fb7f1810405f8ff5531ab0953a23dd09ce8071ce87e00d@%3Cdev.lucene.apache.org%3E
- https://lists.apache.org/thread.html/b0ace855f569c6b7a0b03ba68566e53b1a1a519abd536bf38978ce4a@%3Cdev.lucene.apache.org%3E
- https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E
- https://lists.apache.org/thread.html/d0e608c681dfbb16b4da68d99d43fa0ddbd366bb3bcf5bc0d43c56d7@%3Cdev.lucene.apache.org%3E
- https://lists.apache.org/thread.html/ec9c572fb803b26ba0318777977ee6d6a2fb3a2c50d9b4224e541d5d@%3Cdev.lucene.apache.org%3E
- https://lists.apache.org/thread.html/rc400db37710ee79378b6c52de3640493ff538c2beb41cefdbbdf2ab8@%3Ccommits.submarine.apache.org%3E
- https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E
- https://security.netapp.com/advisory/ntap-20190327-0003/
- https://www.oracle.com/security-alerts/cpuoct2020.html
- https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1692346
- https://lists.apache.org/thread.html/b0ace855f569c6b7a0b03ba68566e53b1a1a519abd536bf38978ce4a%40%3Cdev.lucene.apache.org%3E
- https://lists.apache.org/thread.html/42c5682f4acd1d03bd963e4f47ae448d7cff66c16b19142773818892%40%3Cdev.lucene.apache.org%3E
- https://lists.apache.org/thread.html/d0e608c681dfbb16b4da68d99d43fa0ddbd366bb3bcf5bc0d43c56d7%40%3Cdev.lucene.apache.org%3E
- https://lists.apache.org/thread.html/ec9c572fb803b26ba0318777977ee6d6a2fb3a2c50d9b4224e541d5d%40%3Cdev.lucene.apache.org%3E
- https://lists.apache.org/thread.html/53e4744b14fb7f1810405f8ff5531ab0953a23dd09ce8071ce87e00d%40%3Cdev.lucene.apache.org%3E
- https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3%40%3Ccommits.nifi.apache.org%3E
- https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b%40%3Ccommits.nifi.apache.org%3E
- https://lists.apache.org/thread.html/rc400db37710ee79378b6c52de3640493ff538c2beb41cefdbbdf2ab8%40%3Ccommits.submarine.apache.org%3E
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2019-0192.
What is the severity of CVE-2019-0192?
The severity of CVE-2019-0192 is critical with a score of 9.8.
Which software versions are affected by CVE-2019-0192?
Apache Solr versions 5.0.0 to 5.5.5 and 6.0.0 to 6.6.5, as well as Netapp Storage Automation Store, are affected by CVE-2019-0192.
How does CVE-2019-0192 allow remote code execution?
CVE-2019-0192 allows remote code execution by exploiting Solr's unsafe deserialization through a malicious RMI server.
Where can I find more information about CVE-2019-0192?
You can find more information about CVE-2019-0192 in the provided references: [1], [2], [3].
- collector/redhat-cve
- collector/nvd-index
- agent/type
- agent/softwarecombine
- agent/last-modified-date
- agent/first-publish-date
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2019-0192
- agent/severity
- agent/references
- agent/weakness
- agent/author
- agent/remedy
- agent/tags
- agent/description
- agent/event
- collector/mitre-cve
- source/MITRE
- vendor/apache
- canonical/apache solr
- version/apache solr/5.0.0
- version/apache solr/5.5.5
- version/apache solr/6.0.0
- version/apache solr/6.6.5
- vendor/netapp
- canonical/netapp storage automation store