CVE-2021-29943

Name of the Vulnerable Software and Affected Versions Apache Solr versions prior to 8.8.2

Description The issue arises when using ConfigurableInternodeAuthHadoopPlugin for authentication. In this scenario, distributed requests are forwarded or proxied using server credentials instead of the original client credentials. This results in incorrect authorization resolution on the receiving hosts.

Recommendations For versions prior to 8.8.2, update to version 8.8.2 or later to resolve the issue. As a temporary workaround, consider disabling the use of ConfigurableInternodeAuthHadoopPlugin for authentication until a patch is available. Restrict access to distributed requests to minimize the risk of exploitation.