QwikSec

Security Database

CVE

CWE

Training

CVE-2019-12409

Published: Nov 18, 2019

Modified: Aug 4, 2024

PUBLISHED

Description

The 8.1.1 and 8.2.0 releases of Apache Solr contain an insecure setting for the ENABLE_REMOTE_JMX_OPTS configuration option in the default solr.in.sh configuration file shipping with Solr. If you use the default solr.in.sh file from the affected releases, then JMX monitoring will be enabled and exposed on RMI_PORT (default=18983), without any authentication. If this port is opened for inbound traffic in your firewall, then anyone with network access to your Solr nodes will be able to access JMX, which may in turn allow them to upload malicious code for execution on the Solr server.

Vendor	Product	Versions
Apache	Solr	affected `8.1.1 and 8.2.0 for Linux`

References

[lucene-solr-user] 20191118 CVE-2019-12409: Apache Solr RCE vulnerability due to bad config default

mailing-list

x_refsource_MLIST

[lucene-issues] 20191118 [jira] [Commented] (SOLR-13647) CVE-2019-12409: Apache Solr RCE vulnerability due to bad config default

mailing-list

x_refsource_MLIST

[lucene-issues] 20191118 [jira] [Updated] (SOLR-13647) CVE-2019-12409: Apache Solr RCE vulnerability due to bad config default

mailing-list

x_refsource_MLIST

[lucene-general] 20191118 CVE-2019-12409: Apache Solr RCE vulnerability due to bad config default

mailing-list

x_refsource_MLIST

[announce] 20191118 [CVE-2019-12409] Apache Solr RCE vulnerability due to bad config default

mailing-list

x_refsource_MLIST

https://support.f5.com/csp/article/K23720587?utm_source=f5support&amp%3Butm_medium=RSS

x_refsource_CONFIRM

https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2019-12409-RCE%20Vulnerability%20Due%20to%20Bad%20Defalut%20Config-Apache%20Solr

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.