CVE-2017-7660
Published Jul 7, 2017
Last updated 6 years ago
Overview
- Description
- Apache Solr uses a PKI-based mechanism to secure inter-node communication when security is enabled. It is possible to create a specially crafted node name that does not exist as part of the cluster and point it to a malicious node. This can trick the nodes in the cluster into believing that the malicious node is a member of the cluster. Solr servers are therefore vulnerable to this attack if users have enabled the BasicAuth authentication mechanism using the BasicAuthPlugin, or have implemented a custom authentication plugin that does not implement either "HttpClientInterceptorPlugin" or "HttpClientBuilderPlugin". Users who only use SSL without basic authentication or those who use Kerberos are not affected.
- Source
- security@apache.org
- NVD status
- Modified
Risk scores
CVSS 3.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-287
Configurations
[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          { "criteria": "cpe:2.3:a:apache:solr:5.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6A15EC7D-D9FD-4BAF-AB39-3CDF36485557" },
          { "criteria": "cpe:2.3:a:apache:solr:5.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B3BE5B93-258A-4CE9-990C-3B8447A6B454" },
          { "criteria": "cpe:2.3:a:apache:solr:5.3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1A6ECE67-ED5D-4188-9E67-3B4C91251D20" },
          { "criteria": "cpe:2.3:a:apache:solr:5.4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "78C579A3-DBF2-4B9A-9119-DD7854D1B74A" },
          { "criteria": "cpe:2.3:a:apache:solr:5.4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FBB5011F-D3B0-4778-9EE6-052EFA99608D" },
          { "criteria": "cpe:2.3:a:apache:solr:5.5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F5EABC66-0815-4B89-B0ED-2C44EC20F8DE" },
          { "criteria": "cpe:2.3:a:apache:solr:5.5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E79098DA-B7D2-4A8A-9FD8-B1B4330DBA75" },
          { "criteria": "cpe:2.3:a:apache:solr:5.5.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3541C154-9A45-4331-8C15-B0BABE388058" },
          { "criteria": "cpe:2.3:a:apache:solr:5.5.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F38C7034-7432-4530-8CFC-A04F08300074" },
          { "criteria": "cpe:2.3:a:apache:solr:5.5.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0DE8EEE3-1EC6-4277-86CA-6AF6CC5B7928" },
          { "criteria": "cpe:2.3:a:apache:solr:6.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "29F3170C-C5D6-431F-A2DD-692636CF5DAB" },
          { "criteria": "cpe:2.3:a:apache:solr:6.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BA339070-A2BD-4559-B400-2BC2EB9923A7" },
          { "criteria": "cpe:2.3:a:apache:solr:6.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B737CF14-C14A-4D97-B838-47EC4A2C68C8" },
          { "criteria": "cpe:2.3:a:apache:solr:6.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "036F935D-B469-47C6-AF5D-3DFC73070753" },
          { "criteria": "cpe:2.3:a:apache:solr:6.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "42A1A17A-32EA-40A2-9A1E-6019B493B5C1" },
          { "criteria": "cpe:2.3:a:apache:solr:6.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "76557E9C-1F16-44D9-ACA1-F4DAEC966F05" },
          { "criteria": "cpe:2.3:a:apache:solr:6.4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DE068A02-D47A-4C6C-BFD3-040385599CA5" },
          { "criteria": "cpe:2.3:a:apache:solr:6.4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9CB3F9EB-63DE-4780-A357-FE89D1DB70CA" },
          { "criteria": "cpe:2.3:a:apache:solr:6.4.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "099B5DFD-CCD9-4EE7-B49E-77EC286D5F19" },
          { "criteria": "cpe:2.3:a:apache:solr:6.5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "745CE558-1411-4356-9B79-2805FB4C80D7" },
          { "criteria": "cpe:2.3:a:apache:solr:6.5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F9B41559-4695-467E-B7EA-B9D86127CFD7" }
        ],
        "operator": "OR"
      }
    ]
  }
]