VDB

CNVD-2019-26390

CNVD-2019-26390 PUBLISHED CVSS 7.199999809265137 HIGH

Apache Solr是美国阿帕奇(Apache)软件基金会的一款基于Lucene(一款全文搜索引擎)的搜索服务器。该产品支持层面搜索、垂直搜索、高亮显示搜索结果等。 Apache Solr存在远程代码执行漏洞,攻击者可通过dataConfig参数构造恶意请求利用该漏洞执行任意代码。

Risk Scores

CVSS 3.1
7.199999809265137
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Affected Products

VendorProductVersions
ApacheApache SolrApache Solr all prior to 8.2.0

Timeline

  • Aug 1, 2019 CVE Published
  • Dec 16, 2019 PoC Published
  • Jun 14, 2023 PoC Published
  • Nov 2, 2024 PoC Published
  • Nov 19, 2024 PoC Published
  • Dec 24, 2024 PoC Published
  • Dec 27, 2024 PoC Published
  • Jan 5, 2025 PoC Published
  • Jan 13, 2025 PoC Published
  • Jan 23, 2025 PoC Published
  • Jan 30, 2025 PoC Published
  • Feb 9, 2025 PoC Published

References

…and 3 more

Open in Interactive Console →
$ Console Community · 100/wk Open console ›