logo_clicknbuy.png

CVE-2025-24814 – Apache Solr Plugin Code Injection Vulnerability

The following table lists the changes that have been made to the
CVE-2025-24814 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution
of a vulnerability, and for identifying the most recent changes that may
impact the vulnerability’s severity, exploitability, or other characteristics.

  • New CVE Received
    by [email protected]

    Jan. 27, 2025

    Action Type Old Value New Value
    Added Description Core creation allows users to replace “trusted” configset files with arbitrary configuration

    Solr instances that (1) use the “FileSystemConfigSetService” component (the default in “standalone” or “user-managed” mode), and (2) are running without authentication and authorization are vulnerable to a sort of privilege escalation wherein individual “trusted” configset files can be ignored in favor of potentially-untrusted replacements available elsewhere on the filesystem.  These replacement config files are treated as “trusted” and can use “” tags to add to Solr’s classpath, which an attacker might use to load malicious code as a searchComponent or other plugin.

    This issue affects all Apache Solr versions up through Solr 9.7.  Users can protect against the vulnerability by enabling authentication and authorization on their Solr clusters or switching to SolrCloud (and away from “FileSystemConfigSetService”).  Users are also recommended to upgrade to Solr 9.8.0, which mitigates this issue by disabling use of “” tags by default.
    Added CWE CWE-250
    Added Reference https://lists.apache.org/thread/gl291pn8x9f9n52ys5l0pc0b6qtf0qw1
  • CVE Modified
    by af854a3a-2127-422b-91ae-364da2661108

    Jan. 27, 2025

    Action Type Old Value New Value
    Added Reference http://www.openwall.com/lists/oss-security/2025/01/26/1
Share the Post:

Related Posts