Apache Solr CVE-2018-1308 XML External Entity Injection Vulnerability
BID:103974
Info
Apache Solr CVE-2018-1308 XML External Entity Injection Vulnerability
| Bugtraq ID: | 103974 |
| Class: | Input Validation Error |
| CVE: |
CVE-2018-1308 |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 09 2018 12:00AM |
| Updated: | Apr 09 2018 12:00AM |
| Credit: | The vendor reported this issue. |
| Vulnerable: |
Apache Solr 7.2.1 Apache Solr 7.0 Apache Solr 6.6.2 Apache Solr 6.2 Apache Solr 5.2.1 Apache Solr 4.2.1 Apache Solr 4.2.0 Apache Solr 1.2 |
| Not Vulnerable: |
Apache Solr 6.6.3 Apache Solr 7.3 |
Discussion
Apache Solr CVE-2018-1308 XML External Entity Injection Vulnerability
Apache Solr is prone to an XML External Entity injection vulnerability.
Attackers can exploit this issue to gain access to sensitive information or cause denial-of-service conditions.
Apache Solr 1.2 through 6.6.2 and 7.0.0 through 7.2.1 are vulnerable; other versions may also be affected.
Apache Solr is prone to an XML External Entity injection vulnerability.
Attackers can exploit this issue to gain access to sensitive information or cause denial-of-service conditions.
Apache Solr 1.2 through 6.6.2 and 7.0.0 through 7.2.1 are vulnerable; other versions may also be affected.
Solution / Fix
Apache Solr CVE-2018-1308 XML External Entity Injection Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
Apache Solr CVE-2018-1308 XML External Entity Injection Vulnerability
References:
References: