CVE-2024-45216

CRITICAL EXPLOITED NUCLEI

Apache Solr - Auth Bypass

Title source: llm

Description

Improper Authentication vulnerability in Apache Solr. Solr instances using the PKIAuthenticationPlugin, which is enabled by default when Solr Authentication is used, are vulnerable to Authentication bypass. A fake ending at the end of any Solr API URL path, will allow requests to skip Authentication while maintaining the API contract with the original URL Path. This fake ending looks like an unprotected API path, however it is stripped off internally after authentication but before API routing. This issue affects Apache Solr: from 5.3.0 before 8.11.4, from 9.0.0 before 9.7.0. Users are recommended to upgrade to version 9.7.0, or 8.11.4, which fix the issue.

Exploits (3)

github WORKING POC 40 stars

by iSee857 · pythonpoc

https://github.com/iSee857/CVE-PoC/tree/main/ApacheSolr(CVE-2024-45216).py

View Code ZIP pw:eip

nomisec WORKING POC 2 stars

by congdong007 · infoleak

https://github.com/congdong007/CVE-2024-45216-Poc

View Code ZIP pw:eip

vulncheck_xdb

infoleak

https://github.com/qhoko/CVE-2024-45216

View on vulncheck_xdb

Nuclei Templates (1)

Apache Solr - Authentication Bypass

CRITICALVERIFIEDby gumgum

Shodan: http.html:"Apache Solr"

References (2)

[Vendor Advisory] https://solr.apache.org/security.html#cve-2024-45216-apache-solr-authentication-bypass-possible-using-a-fake-url-path-ending

[Mailing List] http://www.openwall.com/lists/oss-security/2024/10/15/8

Scores

CVSS v3 9.8

EPSS 0.9408

EPSS Percentile 99.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitation Intel

VulnCheck KEV 2025-10-31

Classification

CWE

CWE-287 CWE-863

Status published

Affected Products (2)

apache/solr < 8.11.4

org.apache.solr/solr < 8.11.4Maven

Timeline

Published Oct 16, 2024

Tracked Since Feb 18, 2026