CVE-2019-12409
CRITICALApache Solr 8.1.1-8.2.0 - Unauthenticated Remote Code Execution via Insecure JMX Configuration
Title source: llmExploitation Summary
EIP tracks 2 public exploits for CVE-2019-12409. PoCs published by jas502n, mbadanoiu.
AI-analyzed exploit summary This repository contains a functional exploit for CVE-2019-12409, targeting Apache Solr with exposed JMX RMI interfaces. It includes both Metasploit usage and a custom tool (MJET) to achieve remote code execution (RCE) by leveraging insecure JMX configurations.
Description
The 8.1.1 and 8.2.0 releases of Apache Solr contain an insecure setting for the ENABLE_REMOTE_JMX_OPTS configuration option in the default solr.in.sh configuration file shipping with Solr. If you use the default solr.in.sh file from the affected releases, then JMX monitoring will be enabled and exposed on RMI_PORT (default=18983), without any authentication. If this port is opened for inbound traffic in your firewall, then anyone with network access to your Solr nodes will be able to access JMX, which may in turn allow them to upload malicious code for execution on the Solr server.
Exploits (2)
This repository contains a functional exploit for CVE-2019-12409, targeting Apache Solr with exposed JMX RMI interfaces. It includes both Metasploit usage and a custom tool (MJET) to achieve remote code execution (RCE) by leveraging insecure JMX configurations.
The repository provides a detailed technical explanation of CVE-2019-12409, which involves insecure default configurations in Apache Solr's solr.in.sh and solr.cmd files, enabling unauthenticated remote JMX access. It references external resources for exploitation details and alternative tools.
References (7)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H