CVE-2018-11802

Name of the Vulnerable Software and Affected Versions: Apache Solr versions prior to 7.7

Description: The issue affects Apache Solr clusters where a node can proxy requests to other nodes for collections it does not host, bypassing authorization settings. This occurs in versions prior to 7.7 that use the default RuleBasedAuthorizationPlugin.

Recommendations: For versions prior to 7.7, consider updating to version 7.7 or later to resolve the issue. As a temporary workaround, consider restricting access to the proxy functionality or implementing additional authorization mechanisms to minimize the risk of exploitation.