
CVE-2018-1308: XXE attack through DIH's dataConfig request parameter

Details

• Type: Bug
• Status: Closed
• Priority: Major
• Resolution: Fixed
• Affects Version/s: None
• Fix Version/s: 6.6.3, 7.3, master (8.0)
• Security Level: Public (Default Security Level. Issues are Public)
• Labels: None

Description

We got a security report about an XXE attack when using the &dataConfig=<inlinexml> of Solr's DataImportHandler. See the attached PDF file with full details (I converted it to PDF, originally it was a DOC file).

Attachments

1. ApacheSolrDIH-XXE.pdf (1.52 MB, uploaded by Uwe Schindler)
2. SOLR-11971.patch (5 kB, uploaded by Uwe Schindler)


People

• Assignee: thetaphi (Uwe Schindler)
• Reporter: thetaphi (Uwe Schindler)
• Votes: 0
• Watchers: 5
