CVE-2018-8026
Severity: MEDIUM
Apache Solr 6.0.0-6.6.4 and 7.0.0-7.3.1 - XML External Entity Injection via Config File Upload
This vulnerability in Apache Solr 6.0.0 to 6.6.4 and 7.0.0 to 7.3.1 is an XML external entity expansion (XXE) in Solr config files (currency.xml, enumsConfig.xml referenced from schema.xml, and the TIKA parsecontext config file). The XInclude functionality available in these config files is affected in the same way. The flaw can be used as an XXE over the file/ftp/http protocols to read arbitrary local files from the Solr server or hosts on the internal network. Because manipulated config files can be uploaded as configsets through Solr's API, the vulnerability is reachable through that upload path.
References (4)
Third Party Advisory, VDB Entry: http://www.securityfocus.com/bid/104690
Exploit, Issue Tracking, Vendor Advisory: https://issues.apache.org/jira/browse/SOLR-12450
Third Party Advisory: https://security.netapp.com/advisory/ntap-20190307-0002/
Mailing List, Vendor Advisory: https://mail-archives.apache.org/mod_mbox/lucene-solr-user/201807.mbox/%3C0cdc01d413b7%24f97ba580%24ec72f080%24%40apache.org%3E
Scores
CVSS v3
5.5
EPSS
0.0434
EPSS Percentile
89.1%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-611
Status
published
Products (4)
apache/solr
6.0.0 - 6.6.4
netapp/snapcenter
netapp/storage_automation_store
org.apache.solr/solr-core
7.0.0 - 7.4.0 (Maven)
Published
Jul 05, 2018
Tracked Since
Feb 18, 2026