CVE-2019-12409: Malicious File Upload
First published: Mon Nov 18 2019(Updated: )
The 8.1.1 and 8.2.0 releases of Apache Solr contain an insecure setting for the ENABLE_REMOTE_JMX_OPTS configuration option in the default solr.in.sh configuration file shipping with Solr. If you use the default solr.in.sh file from the affected releases, then JMX monitoring will be enabled and exposed on RMI_PORT (default=18983), without any authentication. If this port is opened for inbound traffic in your firewall, then anyone with network access to your Solr nodes will be able to access JMX, which may in turn allow them to upload malicious code for execution on the Solr server.
Credit: security@apache.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apache Solr | =8.1.1 | |
| Apache Solr | =8.2.0 | |
| Linux Linux kernel |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2019-12409-RCE%20Vulnerability%20Due%20to%20Bad%20Defalut%20Config-Apache%20Solr
- https://lists.apache.org/thread.html/47e112035b4aa67ece3b75dbcd1b9c9212895b9dfe2a71f6f7c174e2@%3Cannounce.apache.org%3E
- https://lists.apache.org/thread.html/6640c7e370fce2b74e466a605a46244ccc40666ad9e3064a4e04a85d@%3Csolr-user.lucene.apache.org%3E
- https://lists.apache.org/thread.html/925cdb49ceae78baddb45da7beb9b4d2b1ddc4a8e318c65e91fb4e87@%3Cissues.lucene.apache.org%3E
- https://lists.apache.org/thread.html/a044eae4f6f5b0160ece5bf9cc4c0dad90ce7dd9bb210a9dc50b54be@%3Cgeneral.lucene.apache.org%3E
- https://lists.apache.org/thread.html/ce7c0b456b15f6c7518adefa54ec948fed6de8e951a2584500c1e541@%3Cissues.lucene.apache.org%3E
- https://support.f5.com/csp/article/K23720587?utm_source=f5support&utm_medium=RSS
- https://lists.apache.org/thread.html/6640c7e370fce2b74e466a605a46244ccc40666ad9e3064a4e04a85d%40%3Csolr-user.lucene.apache.org%3E
- https://lists.apache.org/thread.html/ce7c0b456b15f6c7518adefa54ec948fed6de8e951a2584500c1e541%40%3Cissues.lucene.apache.org%3E
- https://lists.apache.org/thread.html/925cdb49ceae78baddb45da7beb9b4d2b1ddc4a8e318c65e91fb4e87%40%3Cissues.lucene.apache.org%3E
- https://lists.apache.org/thread.html/a044eae4f6f5b0160ece5bf9cc4c0dad90ce7dd9bb210a9dc50b54be%40%3Cgeneral.lucene.apache.org%3E
- https://lists.apache.org/thread.html/47e112035b4aa67ece3b75dbcd1b9c9212895b9dfe2a71f6f7c174e2%40%3Cannounce.apache.org%3E
- https://support.f5.com/csp/article/K23720587?utm_source=f5support&%3Butm_medium=RSS
Frequently Asked Questions
What is CVE-2019-12409?
CVE-2019-12409 is a critical vulnerability in Apache Solr 8.1.1 and 8.2.0 releases that allows for remote code execution due to an insecure setting in the solr.in.sh configuration file.
How does CVE-2019-12409 impact Apache Solr?
CVE-2019-12409 allows an attacker to execute arbitrary code remotely on a vulnerable Apache Solr server.
How severe is CVE-2019-12409?
CVE-2019-12409 has a severity rating of 9.8 (Critical).
Which versions of Apache Solr are affected by CVE-2019-12409?
Apache Solr versions 8.1.1 and 8.2.0 are affected by CVE-2019-12409.
How can I fix CVE-2019-12409?
To fix CVE-2019-12409, update Apache Solr to a version that is not affected by this vulnerability and modify the solr.in.sh configuration file to remove the insecure setting for ENABLE_REMOTE_JMX_OPTS.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/last-modified-date
- agent/tags
- agent/first-publish-date
- agent/description
- agent/event
- vendor/apache
- canonical/apache solr
- version/apache solr/8.1.1
- version/apache solr/8.2.0
- vendor/linux
- canonical/linux linux kernel