CVE-2019-12409

CRITICAL

Apache Solr < 8.3.0 - Unrestricted File Upload

Title source: rule

Description

The 8.1.1 and 8.2.0 releases of Apache Solr contain an insecure setting for the ENABLE_REMOTE_JMX_OPTS configuration option in the default solr.in.sh configuration file shipping with Solr. If you use the default solr.in.sh file from the affected releases, then JMX monitoring will be enabled and exposed on RMI_PORT (default=18983), without any authentication. If this port is opened for inbound traffic in your firewall, then anyone with network access to your Solr nodes will be able to access JMX, which may in turn allow them to upload malicious code for execution on the Solr server.

Exploits (2)

nomisec WORKING POC 105 stars
by jas502n · poc
https://github.com/jas502n/CVE-2019-12409
nomisec WRITEUP
by mbadanoiu · poc
https://github.com/mbadanoiu/CVE-2019-12409

References (7)

Scores

CVSS v3 9.8
EPSS 0.8277
EPSS Percentile 99.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Classification

CWE
CWE-434
Status published

Affected Products (3)

apache/solr
apache/solr
org.apache.solr/solr-core < 8.3.0Maven

Timeline

Published Nov 18, 2019
Tracked Since Feb 18, 2026