PT-2025-5580 · Apache · Apache Solr

Pwn Null · Published 2025-01-26 · Updated 2025-01-29 · CVE-2025-24814

CVSS v4.0: 7.2 (High)

Vector: AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U
Name of the Vulnerable Software and Affected Versions: Apache Solr versions up through 9.7
Description: The issue allows users to replace "trusted" configset files with arbitrary configuration. Solr instances using the "FileSystemConfigSetService" component and running without authentication and authorization are affected. An attacker can exploit this to load malicious code as a searchComponent or other plugin by using <lib> tags to add to Solr's classpath.
Recommendations: Apache Solr versions up through 9.7: Enable authentication and authorization on Solr clusters or switch to SolrCloud, and consider upgrading to Solr 9.8.0, which disables the use of <lib> tags by default.
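As an added defensive example (not code from the advisory or from the Solr project), the script below audits a configset's solrconfig.xml for the <lib> directives this advisory describes, so an operator still on a version below 9.8.0 can see which configsets extend the classpath. The sample solrconfig.xml is constructed, and the "outside the install directory" heuristic is an assumption of this example.

```python
import xml.etree.ElementTree as ET
from typing import Dict, List

# Solr's <lib> directive locates jars through these attributes.
LIB_ATTRS = ("dir", "path", "regex")


def find_lib_directives(solrconfig_xml: str) -> List[Dict[str, str]]:
    """Return every <lib> element in a solrconfig.xml document, in document
    order, keeping only the attributes Solr uses to resolve jar locations."""
    root = ET.fromstring(solrconfig_xml)
    return [
        {k: v for k, v in lib.attrib.items() if k in LIB_ATTRS}
        for lib in root.iter("lib")
    ]


def flag_outside_install(directives: List[Dict[str, str]]) -> List[Dict[str, str]]:
    """Heuristic (an assumption of this example): a <lib> whose location is not
    anchored at ${solr.install.dir} points somewhere an uploaded configset
    could control, so it deserves review before 9.8.0's default is relied on."""
    flagged = []
    for d in directives:
        location = d.get("path") or d.get("dir") or ""
        if not location.startswith("${solr.install.dir"):
            flagged.append(d)
    return flagged


# Constructed sample solrconfig.xml (not taken from any real deployment):
# one stock-style contrib directive and one that loads a jar from /tmp.
SAMPLE_SOLRCONFIG = """<?xml version="1.0" encoding="UTF-8"?>
<config>
  <luceneMatchVersion>9.7</luceneMatchVersion>
  <lib dir="${solr.install.dir:../../../..}/contrib/extraction/lib" regex=".*\\.jar" />
  <lib path="/tmp/uploaded/plugin.jar" />
  <searchComponent name="terms" class="solr.TermsComponent"/>
</config>
"""

if __name__ == "__main__":
    libs = find_lib_directives(SAMPLE_SOLRCONFIG)
    for d in libs:
        print("lib directive:", d)
    for d in flag_outside_install(libs):
        print("REVIEW (not under solr.install.dir):", d)
```

Point it at each directory under your on-disk configset base to inventory <lib> usage before enabling authentication or upgrading.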


Related Identifiers

BDU:2025-04325
BIT-SOLR-2025-24814
CVE-2025-24814
GHSA-68R2-FWCG-QPM8

Affected Products

Apache Solr