Uploaded image for project: 'Solr'
  1. Solr
  2. SOLR-11971

CVE-2018-1308: XXE attack through DIH's dataConfig request parameter

          Details

          • Type: Bug
          • Status: Closed
          • Priority: Major
          • Resolution: Fixed
          • Affects Version/s: None
          • Fix Version/s: 6.6.3, 7.3, master (8.0)
          • Component/s: contrib - DataImportHandler
          • Security Level: Public (Default Security Level. Issues are Public)
          • Labels:
            None

            Description

            We got a security report about an XXE attack when using the &dataConfig=<inlinexml> of Solr's DataImportHandler. See the attached PDF file with full details (I converted it to PDF, originally it was a DOC file).

              Attachments

              1. ApacheSolrDIH-XXE.pdf
                1.52 MB
                Uwe Schindler
              2. SOLR-11971.patch
                5 kB
                Uwe Schindler

                Issue Links

                links to

                Web Link Advisory

                Web Link CVE-2018-1308

                  Activity

                    People

                    • Assignee:
                      thetaphi Uwe Schindler
                      Reporter:
                      thetaphi Uwe Schindler
                    • Votes:
                      0 Vote for this issue
                      Watchers:
                      5 Start watching this issue

                      Dates

                      • Created:
                        Updated:
                        Resolved: