Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
HTTP:APACHE:CVE-2019-0192-RCE |
|---|---|
Severity |
Major |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Apache Solr Config API Insecure Deserialization Remote Code Execution |
Release Date |
2019/05/13 |
Update Number |
3171 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
HTTP: Apache Solr Config API Insecure Deserialization Remote Code Execution
This signature detects attempts to exploit a known vulnerability against Apache Solr. A successful attack can lead to arbitrary code execution.
Extended Description
In Apache Solr versions 5.0.0 to 5.5.5 and 6.0.0 to 6.6.5, the Config API allows to configure the JMX server via an HTTP POST request. By pointing it to a malicious RMI server, an attacker could take advantage of Solr's unsafe deserialization to trigger remote code execution on the Solr side.
Affected Products
- Apache solr 5.0.0
- Apache solr 5.1
- Apache solr 5.1.0
- Apache solr 5.2.0
- Apache solr 5.2.1
- Apache solr 5.3
- Apache solr 5.3.0
- Apache solr 5.3.1
- Apache solr 5.3.2
- Apache solr 5.4.0
- Apache solr 5.4.1
- Apache solr 5.5.0
- Apache solr 5.5.1
- Apache solr 5.5.2
- Apache solr 5.5.3
- Apache solr 5.5.4
- Apache solr 5.5.5
- Apache solr 6.0.0
- Apache solr 6.0.1
- Apache solr 6.1.0
- Apache solr 6.2.0
- Apache solr 6.2.1
- Apache solr 6.3.0
- Apache solr 6.4.0
- Apache solr 6.4.1
- Apache solr 6.4.2
- Apache solr 6.5.0
- Apache solr 6.5.1
- Apache solr 6.6.0
- Apache solr 6.6.1
- Apache solr 6.6.2
- Apache solr 6.6.3
- Apache solr 6.6.4
- Apache solr 6.6.5
- Netapp storage_automation_store -
References
- BugTraq: 107318
- CVE: CVE-2019-0192
- URL: https://issues.apache.org/jira/browse/solr-13301