CVE-2013-6407
Solr: XML eXternal Entity (XXE) flaw in XML and XSLT UpdateRequestHandler
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The UpdateRequestHandler for XML in Apache Solr before 4.1 allows remote attackers to have an unspecified impact via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
El UpdateRequestHandler de XML en Apache Solr anteriores a 4.1 permite a atacantes remtos tener un impacto no especificado a través de datos XML conteniendo una declaración de entidad externa en conjunción con una referencia a entidad, relacionado con un problema de XML External Entity (XXE).
Red Hat JBoss Web Framework Kit combines popular open source web frameworks into a single solution for Java applications. The Apache Solr component is an open-source search server based on the Lucene Java search library. It was found that the SolrResourceLoader class in Apache Solr allowed loading of resources via absolute paths, or relative paths which were not sanitized for directory traversal. Some Solr components expose REST interfaces which load resources via SolrResourceLoader, using paths identified by REST parameters. A remote attacker could use this flaw to load arbitrary local files on the server via SolrResourceLoader, potentially resulting in information disclosure or remote code execution.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2013-11-04 CVE Reserved
- 2013-12-07 CVE Published
- 2024-08-06 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (9)
| URL | Tag | Source |
|---|---|---|
| http://secunia.com/advisories/59372 | Third Party Advisory | |
| http://svn.apache.org/viewvc/lucene/dev/branches/branch_4x/solr/CHANGES.txt?view=markup | X_refsource_confirm | |
| http://www.openwall.com/lists/oss-security/2013/11/29/2 | Mailing List |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://issues.apache.org/jira/browse/SOLR-3895 | 2014-07-17 |
| URL | Date | SRC |
|---|---|---|
| http://rhn.redhat.com/errata/RHSA-2013-1844.html | 2014-07-17 | |
| http://rhn.redhat.com/errata/RHSA-2014-0029.html | 2014-07-17 | |
| http://secunia.com/advisories/55542 | 2014-07-17 | |
| https://access.redhat.com/security/cve/CVE-2013-6407 | 2014-01-15 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1035981 | 2014-01-15 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Apache Search vendor "Apache" | Solr Search vendor "Apache" for product "Solr" | <= 4.0.0 Search vendor "Apache" for product "Solr" and version " <= 4.0.0" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Solr Search vendor "Apache" for product "Solr" | 3.6.0 Search vendor "Apache" for product "Solr" and version "3.6.0" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Solr Search vendor "Apache" for product "Solr" | 3.6.1 Search vendor "Apache" for product "Solr" and version "3.6.1" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Solr Search vendor "Apache" for product "Solr" | 3.6.2 Search vendor "Apache" for product "Solr" and version "3.6.2" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Solr Search vendor "Apache" for product "Solr" | 4.0.0 Search vendor "Apache" for product "Solr" and version "4.0.0" | alpha |
Affected
| ||||||
| Apache Search vendor "Apache" | Solr Search vendor "Apache" for product "Solr" | 4.0.0 Search vendor "Apache" for product "Solr" and version "4.0.0" | beta |
Affected
| ||||||