QID 730301

Date Published: 2021-12-17

QID 730301: Apache Solr Affected By Apache Log4J Vulnerability (Log4Shell)

Apache Solr is an open-source enterprise search platform, written in Java, from the Apache Lucene project. Its major features include full-text search, hit highlighting, faceted search, real-time indexing, dynamic clustering, database integration, NoSQL features and rich document handling.

Affected Versions:
Apache Solr versions 7.4.0 to 7.7.3
Apache Solr versions 8.0.0 to 8.11.0
Apache Solr releases prior to 7.4 (i.e. Solr 5, Solr 6, and Solr 7 through 7.3) use Log4J 1.2.17 which may be vulnerable for installations using non-default logging configurations that include the JMS Appender

QID Detection Logic (Unauthenticated):
This QID sends a GET request to grab the value of 'solr-spec-version' from the source code, and checks if the version is vulnerable or not.

Successful exploitation of the vulnerability may allow Remote Code Execution.

  • CVSS V3 rated as Critical - 10 severity.
  • CVSS V2 rated as Critical - 9.3 severity.
  • Solution
    Vendor has released patch, for more information please refer to Apache Solr Security Advisory

    CVEs related to QID 730301

    Software Advisories
    Advisory ID Software Component Link
    CVE-2021-44228 URL Logo solr.apache.org/security.html#apache-solr-affected-by-apache-log4j-cve-2021-44228