Uploaded image for project: 'Ambari'
  1. Ambari
  2. AMBARI-25169

Upgrade Apache Solr version to 7.7.0 or later in Ambari

    XMLWordPrintableJSON

Details

    Description

      CVE-2017-3164 SSRF issue in Apache Solr

      Severity: High

      Vendor: The Apache Software Foundation

      Versions Affected:
      Apache Solr versions from 1.3 to 7.6.0

      Description:
      The "shards" parameter does not have a corresponding whitelist mechanism,
      so it can request any URL.

      Mitigation:
      Upgrade to Apache Solr 7.7.0 or later.
      Ensure your network settings are configured so that only trusted traffic is
      allowed to ingress/egress your hosts running Solr.

      Credit:
      dk from Chaitin Tech

      References:
      https://issues.apache.org/jira/browse/SOLR-12770
      https://wiki.apache.org/solr/SolrSecurity

      Attachments

        Issue Links

          links to

          Web Link GitHub Pull Request #2834

          Activity

            People

              kkasa Krisztian Kasa
              kkasa Krisztian Kasa
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 1h 50m
                  1h 50m