Skip to main content

Exploit code published for two dangerous Apache Solr remote code execution flaws

posted onNovember 27, 2019
by l33tdawg
ZDNet
Credit: ZDNet

Proof of concept exploit code was published online this month for two Apache Solr vulnerabilities, signaling that attacks are probably on their way as hackers will find ways to weaponize the two exploits inside their botnets.

Of the two bugs, one received a patch over the summer, while the second has yet to be addressed by the Solr team.

Attacks are bound to happen as Apache Solr is an advanced tool that is often used inside enterprise networks to support powerful data search functions, making a perfect trget for hackers looking for ways inside high-value networks or into servers with access to large computational resources. The first bug is an issue that was reported and fixed over the summer. The bug, tracked as CVE-2019-12409, refers to a default setting in the solr.in.sh configuration file that is included with all new Solr instances.

Source

Tags

Security

You May Also Like

Recent News

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th

Friday, June 7th

Thursday, June 6th