lucene-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jan Høydahl <>
Subject [SECURITY] CVE-2017-3163 Apache Solr ReplicationHandler path traversal attack
Date Wed, 15 Feb 2017 22:57:13 GMT
CVE-2017-3163: Apache Solr ReplicationHandler path traversal attack

Severity: Moderate

The Apache Software Foundation

Versions Affected:
Solr 1.4 to 6.4.0

When using the Index Replication feature, Solr nodes can pull index files from
a master/leader node using an HTTP API which accepts a file name. However,
Solr did not validate the file name, hence it was possible to craft a special
request involving path traversal, leaving any file readable to the Solr server
process exposed. Solr servers protected and restricted by firewall rules
and/or authentication would not be at risk since only trusted clients and users
would gain direct HTTP access.

6.x users should upgrade to 6.4.1
5.x users should upgrade to 5.5.4
4.x, 3.x and 1.4 users should upgrade to a supported version of Solr
or setup proper firewalling, or disable the ReplicationHandler if not in use.

This issue was discovered by Hrishikesh Gadre of Cloudera Inc.


The Lucene PMC

View raw message