PT-2024-7449 · Apache · Apache Solr

Liu Huajin · Published 2024-08-23 · Updated 2025-07-01

·

CVE-2024-45216 · CVSS v2.0: 10 (Critical) · Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: Apache Solr versions 5.3.0 through 8.11.3; Apache Solr versions 9.0.0 through 9.6.9
Description: Apache Solr instances that use the PKIAuthenticationPlugin are affected by an improper authentication vulnerability that allows authentication bypass. Appending a fake ending to any Solr API URL path can allow a request to skip authentication while still reaching the API that the original path addresses: the fake ending resembles an unprotected API path, but Solr strips it internally after authentication and before API routing. Over 45,000 services are potentially affected by this issue.
Recommendations: To resolve the issue, upgrade Apache Solr to version 8.11.4 or 9.7.0, which fix the issue. As a temporary workaround, consider restricting access to Solr API endpoints to minimize the risk of exploitation.
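The affected and fixed versions above, turned into a check a defender can run against the version an instance reports. This is an added example, not part of the advisory or of Apache Solr; the `SAMPLE_SYSTEM_INFO` document is constructed, and reading the release from the `lucene.solr-spec-version` field assumes the shape of Solr's admin system-info response.

```python
# Added example: decide whether a reported Apache Solr version falls inside the
# ranges CVE-2024-45216 lists as affected, and which fixed release applies.
import json
from typing import Optional, Tuple

Version = Tuple[int, int, int]

# Affected ranges exactly as the advisory states them (inclusive on both ends).
AFFECTED_RANGES = [
    ((5, 3, 0), (8, 11, 3)),
    ((9, 0, 0), (9, 6, 9)),
]

# Fixed releases recommended by the advisory: 8.x line and 9.x line.
FIXED_8X = "8.11.4"
FIXED_9X = "9.7.0"


def parse_version(text: str) -> Version:
    """Turn '8.11.3' (or '9.6.1-SNAPSHOT') into a comparable (major, minor, patch) tuple."""
    core = text.strip().split("-", 1)[0]          # drop any '-SNAPSHOT'-style suffix
    parts = core.split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a Solr version string: {text!r}")
    nums = tuple(int(p) for p in parts)[:3]
    return nums + (0,) * (3 - len(nums))           # pad '9.6' to (9, 6, 0)


def is_affected(version: str) -> bool:
    """True if the version lies inside one of the advisory's affected ranges."""
    v = parse_version(version)
    return any(lo <= v <= hi for lo, hi in AFFECTED_RANGES)


def recommended_fix(version: str) -> Optional[str]:
    """Fixed release to upgrade to, or None if the version is not affected."""
    if not is_affected(version):
        return None
    major = parse_version(version)[0]
    # Anything below the 9.x line upgrades to 8.11.4; 9.x upgrades to 9.7.0.
    return FIXED_9X if major >= 9 else FIXED_8X


def version_from_system_info(system_info_json: str) -> str:
    """Extract the Solr release from an admin system-info JSON document.

    Assumption: the release is reported under lucene.solr-spec-version.
    """
    doc = json.loads(system_info_json)
    return doc["lucene"]["solr-spec-version"]


# Constructed sample of a system-info response (not captured from a real host).
SAMPLE_SYSTEM_INFO = json.dumps({
    "lucene": {
        "solr-spec-version": "9.4.1",
        "lucene-spec-version": "9.8.0",
    }
})


def assess(system_info_json: str) -> dict:
    """Summarise one instance: reported version, affected flag, upgrade target."""
    reported = version_from_system_info(system_info_json)
    return {
        "version": reported,
        "affected": is_affected(reported),
        "upgrade_to": recommended_fix(reported),
    }


if __name__ == "__main__":
    print(assess(SAMPLE_SYSTEM_INFO))
```

The boundaries are deliberately inclusive so that 8.11.3 and 9.6.9 are flagged while 8.11.4 and 9.7.0 are not, matching the ranges and fixed releases the advisory gives.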

Fix

Weakness Enumeration: Incorrect Authorization, Improper Authentication

Related Identifiers

BDU:2024-08828
BIT-SOLR-2024-45216
CVE-2024-45216
GHSA-MJVF-4H88-6XM3

Affected Products

Apache Solr