PT-2020-13792 · Apache · Apache Solr

Published: 2020-08-17 · Updated: 2024-03-06 · CVE-2020-13941

CVSS v3.1: 8.8 (High)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Apache Solr versions prior to 8.6.0

Description

The issue is related to the Replication handler, which allows commands such as backup, restore, and deleteBackup. These commands take a location parameter that was not validated, allowing read/write access to any location the Solr user can access.

Recommendations

For versions prior to 8.6.0, update to Solr version 8.6.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the Replication handler or validating the location parameter to minimize the risk of exploitation.
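
One way to apply the location validation from the workaround in front of Solr, for example in a proxy rule or a request-log review (an added example, not code from Apache Solr or from this advisory). The allowed base directory, the `/replication` handler path and the sample URLs are assumptions.

```python
import posixpath
from pathlib import PurePosixPath
from urllib.parse import urlsplit, parse_qs

# Replication handler commands the advisory names as taking a location.
LOCATION_COMMANDS = {"backup", "restore", "deletebackup"}
# Assumption: the one directory backups may use on this deployment.
ALLOWED_BASE = PurePosixPath("/var/solr/backups")


def check_request(url, allowed_base=ALLOWED_BASE):
    """Return (allowed, reason) for one request URL sent to a Solr node."""
    parts = urlsplit(url)
    # Assumption: the handler is registered under the name /replication.
    if not parts.path.rstrip("/").endswith("/replication"):
        return True, "not a replication request"
    params = parse_qs(parts.query, keep_blank_values=True)  # percent-decodes
    # Lower-case before comparing so mixed-case commands are not missed.
    commands = {c.lower() for c in params.get("command", [])}
    if not commands & LOCATION_COMMANDS:
        return True, "command takes no location"
    locations = params.get("location", [])
    # Policy choice: require one explicit location; repeats are ambiguous.
    if len(locations) != 1:
        return False, "expected exactly one location parameter"
    raw = locations[0]
    if "\x00" in raw or "\\" in raw or not raw.startswith("/"):
        return False, "location is not a plain absolute POSIX path"
    # Collapse "." and ".." lexically; symlinks are not resolved here.
    normalized = PurePosixPath(posixpath.normpath(raw))
    base = allowed_base.parts
    # Compare whole path components, so /var/solr/backups-old does not
    # pass as a child of /var/solr/backups the way a prefix match would.
    if normalized.parts[:len(base)] != base:
        return False, f"location {normalized} is outside {allowed_base}"
    return True, "location is inside the allowed base"


# Constructed sample requests (host, core and paths are made up).
SAMPLES = [
    "http://solr.example:8983/solr/core1/replication?command=backup&location=/var/solr/backups/nightly",
    "http://solr.example:8983/solr/core1/replication?command=restore&location=/var/solr/backups/../../../etc",
    "http://solr.example:8983/solr/core1/replication?command=deleteBackup&location=/var/solr/backups-old",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(check_request(sample), sample)
```

Only query-string parameters are inspected; the same check would be needed for form-encoded request bodies.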

Fix

RCE

Weakness Enumeration

Related Identifiers

BIT-SOLR-2020-13941
CVE-2020-13941
GHSA-2467-H365-J7HM

Affected Products

Apache Solr