CVE-2021-44548
Apache Solr information disclosure vulnerability through DataImportHandler
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
An Improper Input Validation vulnerability in DataImportHandler of Apache Solr allows an attacker to provide a Windows UNC path resulting in an SMB network call being made from the Solr host to another host on the network. If the attacker has wider access to the network, this may lead to SMB attacks, which may result in: * The exfiltration of sensitive data such as OS user hashes (NTLM/LM hashes), * In case of misconfigured systems, SMB Relay Attacks which can lead to user impersonation on SMB Shares or, in a worse-case scenario, Remote Code Execution This issue affects all Apache Solr versions prior to 8.11.1. This issue only affects Windows.
Una vulnerabilidad de Comprobación de Entrada Inapropiada en DataImportHandler de Apache Solr permite a un atacante proporcionar una ruta UNC de Windows que resulta en una llamada de red SMB que es hecha desde el host Solr a otro host en la red. Si el atacante presenta un acceso más amplio a la red, esto puede conllevar a ataques SMB, que pueden resultar en: * La exfiltración de datos confidenciales como los hashes de usuario del Sistema Operativo (hashes NTLM/LM), * En caso de sistemas configurados inapropiadamente, ataques de retransmisión SMB que pueden conllevar a una suplantación de usuarios en recursos compartidos SMB o, en el peor de los casos, una ejecución de código remota. Este problema afecta a todas las versiones de Apache Solr anteriores a 8.11.1. Este problema sólo afecta a Windows
CVSS Scores
SSVC
- Decision:-
Timeline
- 2021-12-04 CVE Reserved
- 2021-12-23 CVE Published
- 2024-08-04 CVE Updated
- 2024-09-07 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
- CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
- CWE-40: Path Traversal: '\\UNC\share\name\' (Windows UNC Share)
CAPEC
References (2)
URL | Tag | Source |
---|---|---|
https://security.netapp.com/advisory/ntap-20220114-0005 | Third Party Advisory |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Apache Search vendor "Apache" | Solr Search vendor "Apache" for product "Solr" | < 8.11.1 Search vendor "Apache" for product "Solr" and version " < 8.11.1" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|