PT-2013-1141 · Apache · Apache Solr

Uwe Schindler · Published 2013-12-07 · Updated 2023-02-13 · CVE-2013-6397

CVSS v2.0: 6.4 (Medium)
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:P
Name of the Vulnerable Software and Affected Versions
Apache Solr versions prior to 4.6

Description
The issue allows remote attackers to read arbitrary files via a ".." (dot dot) sequence or a full pathname in the tr parameter of "solr/select/" when the response writer (wt parameter) is set to XSLT. This can be chained with a separate XXE (XML eXternal Entity) vulnerability to reach files across restricted network boundaries. The vulnerability may lead to a violation of the confidentiality and availability of protected information.

Recommendations
For Apache Solr versions prior to 4.6, consider updating to version 4.6 or later to resolve the issue. As a temporary workaround, consider restricting access to the "solr/select/" endpoint or disabling the XSLT response writer to minimize the risk of exploitation. Avoid passing untrusted input in the tr parameter of the affected endpoint until the issue is resolved.
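The following is an added example, not part of the advisory or of Apache Solr itself: a log-side detector for the request pattern the description names (a select request with wt=xslt whose tr value is not a plain stylesheet file name), plus the allow-list check that an operator could apply in a proxy or web application firewall as the temporary workaround. The access-log format, the handler path "/select" and the sample log lines are constructed assumptions for this example.

```python
# Added example (not part of the PT-2013-1141 advisory or of Apache Solr):
# detect requests matching the CVE-2013-6397 pattern in an access log and
# provide an allow-list check for the tr parameter.
# The log format and the SAMPLE_LOG lines below are constructed for this example.
import posixpath
import re
from typing import Iterable, Iterator, Optional, Tuple
from urllib.parse import parse_qs, urlsplit

# Request target of a typical combined-format access-log line: "GET /path?query HTTP/1.1"
_REQUEST_RE = re.compile(r'"(?:GET|POST)\s+(?P<target>\S+)\s+HTTP/')


def tr_is_safe(tr: str) -> bool:
    """Allow-list check for tr: a bare file name (no directory component,
    no traversal, no drive or scheme separator) ending in .xsl."""
    if not tr or tr != posixpath.basename(tr):
        return False  # contains a '/' or is empty
    if '\\' in tr or '..' in tr or ':' in tr:
        return False  # Windows separator, dot-dot, or drive/scheme separator
    return tr.lower().endswith('.xsl')


def classify_request(target: str) -> Optional[str]:
    """Return a finding label for a request target, or None if it is not suspicious.

    Only select-handler requests with wt=xslt and a tr value that fails the
    allow-list are reported; wt is compared case-insensitively."""
    parts = urlsplit(target)
    if '/select' not in parts.path:
        return None
    qs = parse_qs(parts.query, keep_blank_values=True)
    writers = [v.lower() for v in qs.get('wt', [])]
    if 'xslt' not in writers:
        return None
    for tr in qs.get('tr', []):
        if not tr_is_safe(tr):
            return f'xslt-tr-traversal tr={tr!r}'
    return None


def scan_log(lines: Iterable[str]) -> Iterator[Tuple[int, str]]:
    """Yield (line_number, finding) for every suspicious request in an access log."""
    for number, line in enumerate(lines, 1):
        match = _REQUEST_RE.search(line)
        if not match:
            continue
        finding = classify_request(match.group('target'))
        if finding:
            yield number, finding


# Constructed sample log lines: two benign requests, two matching the advisory pattern.
SAMPLE_LOG = [
    '10.0.0.5 - - [07/Dec/2013:10:00:01 +0000] "GET /solr/collection1/select?q=*:*&wt=json HTTP/1.1" 200 512',
    '10.0.0.5 - - [07/Dec/2013:10:00:02 +0000] "GET /solr/collection1/select?q=*:*&wt=xslt&tr=example.xsl HTTP/1.1" 200 2048',
    '10.0.0.9 - - [07/Dec/2013:10:00:03 +0000] "GET /solr/collection1/select?q=*:*&wt=xslt&tr=../../../../etc/hosts HTTP/1.1" 500 0',
    '10.0.0.9 - - [07/Dec/2013:10:00:04 +0000] "GET /solr/collection1/select?q=*:*&wt=XSLT&tr=/etc/hosts HTTP/1.1" 500 0',
]

if __name__ == '__main__':
    for number, finding in scan_log(SAMPLE_LOG):
        print(f'line {number}: {finding}')
```

The allow-list in tr_is_safe is deliberately stricter than "contains no dot-dot": it rejects any directory component, so an absolute path (the "full pathname" case in the description) is refused as well. parse_qs decodes percent-encoded values before the check, so an encoded "%2e%2e/" is caught the same way as a literal one.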

Exploit

Fix

Weakness Enumeration

Path traversal

Related Identifiers

BDU:2015-04135
CVE-2013-6397
DSA-2963-1
GHSA-J8QW-MWMV-28CG

Affected Products

Apache Solr