{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-45217", "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "state": "PUBLISHED", "assignerShortName": "apache", "dateReserved": "2024-08-23T17:50:50.872Z", "datePublished": "2024-10-16T07:51:16.558Z", "dateUpdated": "2024-10-16T15:08:26.625Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Apache Solr", "vendor": "Apache Software Foundation", "versions": [{"lessThan": "8.11.4", "status": "affected", "version": "6.6.0", "versionType": "semver"}, {"lessThan": "9.7.0", "status": "affected", "version": "9.0.0", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "reporter", "value": "Liu Huajin"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Insecure Default Initialization of Resource vulnerability in Apache Solr.</p><p><span style=\"background-color: rgb(255, 255, 255);\">New ConfigSets that are created via a Restore command, which copy a configSet from the backup and give it a new name, are created without setting the \"trusted\" metadata.<br>ConfigSets that do not contain the flag are trusted implicitly if the metadata is missing, therefore this leads to \"trusted\" ConfigSets that may not have been created with an Authenticated request.</span><br><span style=\"background-color: rgb(255, 255, 255);\">\"trusted\" ConfigSets are able to load custom code into classloaders, therefore the flag is supposed to only be set when the request that uploads the ConfigSet is Authenticated &amp; Authorized.</span></p><p>This issue affects Apache Solr: from 6.6.0 before 8.11.4, from 9.0.0 before 9.7.0. This issue does not affect Solr instances that are secured via Authentication/Authorization.</p><p>Users are primarily recommended to use Authentication and Authorization when running Solr. However, upgrading to version 9.7.0, or 8.11.4 will mitigate this issue otherwise.</p><p></p>"}], "value": "Insecure Default Initialization of Resource vulnerability in Apache Solr.\n\nNew ConfigSets that are created via a Restore command, which copy a configSet from the backup and give it a new name, are created without setting the \"trusted\" metadata.\nConfigSets that do not contain the flag are trusted implicitly if the metadata is missing, therefore this leads to \"trusted\" ConfigSets that may not have been created with an Authenticated request.\n\"trusted\" ConfigSets are able to load custom code into classloaders, therefore the flag is supposed to only be set when the request that uploads the ConfigSet is Authenticated & Authorized.\n\nThis issue affects Apache Solr: from 6.6.0 before 8.11.4, from 9.0.0 before 9.7.0. This issue does not affect Solr instances that are secured via Authentication/Authorization.\n\nUsers are primarily recommended to use Authentication and Authorization when running Solr. However, upgrading to version 9.7.0, or 8.11.4 will mitigate this issue otherwise."}], "metrics": [{"other": {"content": {"text": "moderate"}, "type": "Textual description of severity"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-1188", "description": "CWE-1188 Insecure Default Initialization of Resource", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache", "dateUpdated": "2024-10-16T07:51:16.558Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://solr.apache.org/security.html#cve-2024-45217-apache-solr-configsets-created-during-a-backup-restore-command-are-trusted-implicitly"}], "source": {"defect": ["SOLR-17418"], "discovery": "EXTERNAL"}, "title": "Apache Solr: ConfigSets created during a backup restore command are trusted implicitly", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"title": "CVE Program Container", "references": [{"url": "http://www.openwall.com/lists/oss-security/2024/10/15/9"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-10-16T08:03:37.258Z"}}, {"affected": [{"vendor": "apache_software_foundation", "product": "apache_solr", "cpes": ["cpe:2.3:a:apache_software_foundation:apache_solr:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "6.6.0", "status": "affected", "lessThan": "8.11.4", "versionType": "semver"}, {"version": "9.0.0", "status": "affected", "lessThan": "9.7.0", "versionType": "semver"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-10-16T14:59:42.757440Z", "id": "CVE-2024-45217", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-16T15:08:26.625Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "http://www.openwall.com/lists/oss-security/2024/10/15/9"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-10-16T08:03:37.258Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-45217", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-10-16T14:59:42.757440Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:apache_software_foundation:apache_solr:*:*:*:*:*:*:*:*"], "vendor": "apache_software_foundation", "product": "apache_solr", "versions": [{"status": "affected", "version": "6.6.0", "lessThan": "8.11.4", "versionType": "semver"}, {"status": "affected", "version": "9.0.0", "lessThan": "9.7.0", "versionType": "semver"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-16T15:05:22.460Z"}}], "cna": {"title": "Apache Solr: ConfigSets created during a backup restore command are trusted implicitly", "source": {"defect": ["SOLR-17418"], "discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "reporter", "value": "Liu Huajin"}], "metrics": [{"other": {"type": "Textual description of severity", "content": {"text": "moderate"}}}], "affected": [{"vendor": "Apache Software Foundation", "product": "Apache Solr", "versions": [{"status": "affected", "version": "6.6.0", "lessThan": "8.11.4", "versionType": "semver"}, {"status": "affected", "version": "9.0.0", "lessThan": "9.7.0", "versionType": "semver"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://solr.apache.org/security.html#cve-2024-45217-apache-solr-configsets-created-during-a-backup-restore-command-are-trusted-implicitly", "tags": ["vendor-advisory"]}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "Insecure Default Initialization of Resource vulnerability in Apache Solr.\n\nNew ConfigSets that are created via a Restore command, which copy a configSet from the backup and give it a new name, are created without setting the \"trusted\" metadata.\nConfigSets that do not contain the flag are trusted implicitly if the metadata is missing, therefore this leads to \"trusted\" ConfigSets that may not have been created with an Authenticated request.\n\"trusted\" ConfigSets are able to load custom code into classloaders, therefore the flag is supposed to only be set when the request that uploads the ConfigSet is Authenticated & Authorized.\n\nThis issue affects Apache Solr: from 6.6.0 before 8.11.4, from 9.0.0 before 9.7.0. This issue does not affect Solr instances that are secured via Authentication/Authorization.\n\nUsers are primarily recommended to use Authentication and Authorization when running Solr. However, upgrading to version 9.7.0, or 8.11.4 will mitigate this issue otherwise.", "supportingMedia": [{"type": "text/html", "value": "<p>Insecure Default Initialization of Resource vulnerability in Apache Solr.</p><p><span style=\"background-color: rgb(255, 255, 255);\">New ConfigSets that are created via a Restore command, which copy a configSet from the backup and give it a new name, are created without setting the \"trusted\" metadata.<br>ConfigSets that do not contain the flag are trusted implicitly if the metadata is missing, therefore this leads to \"trusted\" ConfigSets that may not have been created with an Authenticated request.</span><br><span style=\"background-color: rgb(255, 255, 255);\">\"trusted\" ConfigSets are able to load custom code into classloaders, therefore the flag is supposed to only be set when the request that uploads the ConfigSet is Authenticated &amp; Authorized.</span></p><p>This issue affects Apache Solr: from 6.6.0 before 8.11.4, from 9.0.0 before 9.7.0. This issue does not affect Solr instances that are secured via Authentication/Authorization.</p><p>Users are primarily recommended to use Authentication and Authorization when running Solr. However, upgrading to version 9.7.0, or 8.11.4 will mitigate this issue otherwise.</p><p></p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-1188", "description": "CWE-1188 Insecure Default Initialization of Resource"}]}], "providerMetadata": {"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache", "dateUpdated": "2024-10-16T07:51:16.558Z"}}}, "cveMetadata": {"cveId": "CVE-2024-45217", "state": "PUBLISHED", "dateUpdated": "2024-10-16T15:08:26.625Z", "dateReserved": "2024-08-23T17:50:50.872Z", "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "datePublished": "2024-10-16T07:51:16.558Z", "assignerShortName": "apache"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*", "matchCriteriaId": "D5B38C70-E0C6-44EC-8CD0-6FFD5C77571B", "versionEndExcluding": "8.11.4", "versionStartIncluding": "6.6.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*", "matchCriteriaId": "2B904124-469C-4BD6-92C8-D8F40D491E82", "versionEndExcluding": "9.7.0", "versionStartIncluding": "9.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Insecure Default Initialization of Resource vulnerability in Apache Solr.\n\nNew ConfigSets that are created via a Restore command, which copy a configSet from the backup and give it a new name, are created without setting the \"trusted\" metadata.\nConfigSets that do not contain the flag are trusted implicitly if the metadata is missing, therefore this leads to \"trusted\" ConfigSets that may not have been created with an Authenticated request.\n\"trusted\" ConfigSets are able to load custom code into classloaders, therefore the flag is supposed to only be set when the request that uploads the ConfigSet is Authenticated & Authorized.\n\nThis issue affects Apache Solr: from 6.6.0 before 8.11.4, from 9.0.0 before 9.7.0. This issue does not affect Solr instances that are secured via Authentication/Authorization.\n\nUsers are primarily recommended to use Authentication and Authorization when running Solr. However, upgrading to version 9.7.0, or 8.11.4 will mitigate this issue otherwise."}, {"lang": "es", "value": "Vulnerabilidad de inicializaci\u00f3n predeterminada insegura de recursos en Apache Solr. Los nuevos ConfigSets que se crean mediante un comando de restauraci\u00f3n, que copian un configSet de la copia de seguridad y le dan un nuevo nombre, se crean sin configurar los metadatos \"confiables\". Los ConfigSets que no contienen el indicador se conf\u00edan impl\u00edcitamente si faltan los metadatos, por lo tanto, esto genera ConfigSets \"confiables\" que pueden no haberse creado con una solicitud autenticada. Los ConfigSets \"confiables\" pueden cargar c\u00f3digo personalizado en los cargadores de clases, por lo tanto, se supone que el indicador solo se establece cuando la solicitud que carga el ConfigSet est\u00e1 autenticada y autorizada. Este problema afecta a Apache Solr: desde 6.6.0 hasta 8.11.4, desde 9.0.0 hasta 9.7.0. Este problema no afecta a las instancias de Solr que est\u00e1n protegidas mediante autenticaci\u00f3n/autorizaci\u00f3n. Se recomienda principalmente a los usuarios que utilicen autenticaci\u00f3n y autorizaci\u00f3n al ejecutar Solr. Sin embargo, actualizar a la versi\u00f3n 9.7.0 o 8.11.4 mitigar\u00e1 este problema."}], "id": "CVE-2024-45217", "lastModified": "2025-07-01T20:28:31.793", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.2, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-10-16T08:15:05.353", "references": [{"source": "security@apache.org", "tags": ["Vendor Advisory"], "url": "https://solr.apache.org/security.html#cve-2024-45217-apache-solr-configsets-created-during-a-backup-restore-command-are-trusted-implicitly"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "http://www.openwall.com/lists/oss-security/2024/10/15/9"}], "sourceIdentifier": "security@apache.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-1188"}], "source": "security@apache.org", "type": "Secondary"}]}

{}

{}