CVE-2017-7660
HIGHApache Solr 5.3.0-5.5.4 and 6.0-6.5.1 - Improper Authentication via Malicious Node Name
Title source: llmDescription
Apache Solr uses a PKI based mechanism to secure inter-node communication when security is enabled. It is possible to create a specially crafted node name that does not exist as part of the cluster and point it to a malicious node. This can trick the nodes in cluster to believe that the malicious node is a member of the cluster. So, if Solr users have enabled BasicAuth authentication mechanism using the BasicAuthPlugin or if the user has implemented a custom Authentication plugin, which does not implement either "HttpClientInterceptorPlugin" or "HttpClientBuilderPlugin", his/her servers are vulnerable to this attack. Users who only use SSL without basic authentication or those who use Kerberos are not affected.
References (3)
Core 3
Core References
Vendor Advisory x_refsource_confirm
https://security.netapp.com/advisory/ntap-20181127-0003/
Mailing List, Vendor Advisory mailing-list
x_refsource_mlist
http://mail-archives.us.apache.org/mod_mbox/www-announce/201707.mbox/%3CCAOOKt53EgrybaD%2BiSn-nBbvFdse-szhg%3DhMoDZuvUvyMme-Z%3Dg%40mail.gmail.com%3E
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/99485
Scores
CVSS v3
7.5
EPSS
0.0034
EPSS Percentile
56.4%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Details
CWE
CWE-287
Status
published
Products (24)
apache/solr
5.3.0
apache/solr
5.3.1
apache/solr
5.3.2
apache/solr
5.4.0
apache/solr
5.4.1
apache/solr
5.5.0
apache/solr
5.5.1
apache/solr
5.5.2
apache/solr
5.5.3
apache/solr
5.5.4
... and 14 more
Published
Jul 07, 2017
Tracked Since
Feb 18, 2026