You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@solr.apache.org by ho...@apache.org on 2024/01/12 21:24:17 UTC

(solr-site) branch main updated: Fixup CVE formatting

This is an automated email from the ASF dual-hosted git repository.

houston pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/solr-site.git


The following commit(s) were added to refs/heads/main by this push:
     new 18859f26c Fixup CVE formatting
18859f26c is described below

commit 18859f26c087cb914f35fc0265f16fd3e086f7ac
Author: Houston Putman <ho...@apache.org>
AuthorDate: Fri Jan 12 15:24:09 2024 -0600

    Fixup CVE formatting
---
 content/solr/security/2022-11-20-cve-2022-39135.md | 16 ++++++++--------
 content/solr/security/2024-01-12-cve-2023-50290.md | 15 +++++++++------
 2 files changed, 17 insertions(+), 14 deletions(-)

diff --git a/content/solr/security/2022-11-20-cve-2022-39135.md b/content/solr/security/2022-11-20-cve-2022-39135.md
index a2a06936b..f26f9bd49 100644
--- a/content/solr/security/2022-11-20-cve-2022-39135.md
+++ b/content/solr/security/2022-11-20-cve-2022-39135.md
@@ -2,26 +2,26 @@ Title: Apache Solr is vulnerable to CVE-2022-39135 via /sql handler
 category: solr/security
 cve: CVE-2022-39135
 
-**Versions Affected:**
+**Versions Affected:**  
 Solr 6.5 to 8.11.2
 Solr 9.0
 
-**Description:**
+**Description:**  
 Apache Calcite has a vulnerability, CVE-2022-39135, that is exploitable in Apache Solr in SolrCloud mode.  If an untrusted user can supply SQL queries to Solr’s “/sql” handler (even indirectly via proxies / other apps), then the user could perform an XML External Entity (XXE) attack.  This might have been exposed by some deployers of Solr in order for internal analysts to use JDBC based tooling, but would have unlikely been granted to wider audiences.
 
-**Impact:**
+**Impact:**  
 An XXE attack may lead to the disclosure of confidential data, denial of service, server side request forgery (SSRF), port scanning from the Solr node, and other system impacts.
 
-**Mitigation:**
+**Mitigation:**  
 Most Solr installations don’t make use of the SQL functionality.  For such users, the standard Solr security advice of using a firewall should be adequate.  Nonetheless, the functionality can be disabled.  As of Solr 9, it has been modularized and thus became opt-in, so nothing is needed for Solr 9 users that don’t use it.  Users *not* using SolrCloud can’t use the functionality at all.  For other users that wish to disable it, you must register a request handler that masks the underlyin [...]
 ```
   <requestHandler name="/sql" class="solr.NotFoundRequestHandler"/>
 ```
 Users needing this SQL functionality are forced to upgrade to Solr 9.1.  If Solr 8.11.3 is released, then it will be an option as well.  Simply replacing Calcite and other JAR files may mostly work but could fail depending on the particulars of the query.  Users interested in this or in patching their own versions of Solr should examine SOLR-16421 for a source patch.
 
-**Credit:**
+**Credit:**  
 Andreas Hubold at CoreMedia GmbH
 
-**References:**
-https://nvd.nist.gov/vuln/detail/CVE-2022-39135
-https://issues.apache.org/jira/browse/SOLR-16421
+**References:**  
+JIRA - [SOLR-16421](https://issues.apache.org/jira/browse/SOLR-16421)  
+CVE - [CVE-2022-39135](https://nvd.nist.gov/vuln/detail/CVE-2022-39135)
diff --git a/content/solr/security/2024-01-12-cve-2023-50290.md b/content/solr/security/2024-01-12-cve-2023-50290.md
index df26b4531..721575376 100644
--- a/content/solr/security/2024-01-12-cve-2023-50290.md
+++ b/content/solr/security/2024-01-12-cve-2023-50290.md
@@ -2,10 +2,13 @@ Title: CVE-2023-50290: Apache Solr allows read access to host environment variab
 category: solr/security
 cve: CVE-2023-50290
 
-**Versions Affected:**
+**Severity:**  
+Important
+
+**Versions Affected:**  
 Solr 9.0 to 9.2.1
 
-**Description:**
+**Description:**  
 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Solr.
 The Solr Metrics API publishes all unprotected environment variables available to each Apache Solr instance.
 Users are able to specify which environment variables to hide, however, the default list is designed to work for known secret Java system properties.
@@ -14,9 +17,9 @@ Environment variables cannot be strictly defined in Solr, like Java system prope
 The Solr Metrics API is protected by the "metrics-read" permission.
 Therefore, Solr Clouds with Authorization setup will only be vulnerable via users with the "metrics-read" permission.
 
-**Mitigation:**
+**Mitigation:**  
 Users are recommended to upgrade to version 9.3.0 or later, in which environment variables are not published via the Metrics API.
 
-**References:**
-https://nvd.nist.gov/vuln/detail/CVE-2023-50290
-https://issues.apache.org/jira/browse/SOLR-16808
+**References:**  
+JIRA - [SOLR-15233](https://issues.apache.org/jira/browse/SOLR-16808)  
+CVE - [CVE-2023-50290](https://nvd.nist.gov/vuln/detail/CVE-2023-50290)