CVE-2017-3163 - CVE Vulnerability

When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access. (CVSS:5.0) (Last Update:2017-09-11)

Vulnerability Details : When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access. Publish Date : 2017-08-30 Last Update Date : 2017-09-11 - CVSS Scores & Vulnerability Types CVSS Score 5.0 Confidentiality Impact Partial(There is considerable informational disclosure.) Integrity Impact None(There is no impact to the integrity of the system) Availability Impact None(There is no impact to the availability of the system.) Access Complexity Low(Specialized access conditions or extenuating circumstances do not exist. Very little knowledge or skill is required to exploit. ) Authentication Not required(Authentication is not required to exploit the vulnerability.) Gained Access None Vulnerability Type(s) Directory traversal CWE ID 22 - Products Affected By CVE-2017-3163 # Product Type Vendor Product Version Update Edition Language 1 Application Apache Solr 5.5.3 Version Details Vulnerabilities 2 Application Apache Solr 6.0.0 Version Details Vulnerabilities 3 Application Apache Solr 6.0.1 Version Details Vulnerabilities 4 Application Apache Solr 6.1.0 Version Details Vulnerabilities 5 Application Apache Solr 6.2.0 Version Details Vulnerabilities 6 Application Apache Solr 6.2.1 Version Details Vulnerabilities 7 Application Apache Solr 6.3.0 Version Details Vulnerabilities 8 Application Apache Solr 6.4.0 Version Details Vulnerabilities - Number Of Affected Versions By Product Vendor Product Vulnerable Versions Apache Solr 8 - References For CVE-2017-3163 https://lists.apache.org/thread.html/[email protected]%3Csolr-user.lucene.apache.org%3E MLIST [solr-user] 20170215 [SECURITY] CVE-2017-3163 Apache Solr ReplicationHandler path traversal attack

- Metasploit Modules Related To CVE-2017-3163 There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information)