正文

Apache Solr 安全漏洞

admin
admin V管理员 /0 评论 /11 阅读
0304
此篇文章发布距今已超过1223天,您需要注意文章的内容或图片是否可用!

漏洞信息详情

Apache Solr 安全漏洞

  • CNNVD编号:CNNVD-202104-840
    • <!--
  • 危害等级: 高危-->
  • 危害等级: 高危
  • CVE编号: CVE-2021-29262
  • 漏洞类型: 其他
  • 发布时间: 2021-04-13
  • 威胁类型: 远程
  • 更新时间: 2021-10-08
  • 厂        商:
  • 漏洞来源:

漏洞简介

Apache Solr是美国阿帕奇(Apache)基金会的一款基于Lucene(一款全文搜索引擎)的搜索服务器。该产品支持层面搜索、垂直搜索、高亮显示搜索结果等。

Apache Solr 8.8.2 之前版本存在安全漏洞,该漏洞源于SaslZkACLProvider或VMParamsAllAndReadonlyDigestZkACLProvider配置,没有现有的安全性。

漏洞公告

目前厂商已发布升级补丁以修复漏洞,补丁获取链接:

https://lists.apache.org/thread.html/r536da4c4e4e406f7843461cc754a3d0a3fe575aa576e2b71a9cd57d0%40%3Cannounce.apache.org%3E

参考网址

来源:MLIST

链接:https://lists.apache.org/thread.html/ref84e60192f4bdc3206b247f260513e8d4e71f3e200792f75386d07a@%3Cdev.jackrabbit.apache.org%3E

来源:MLIST

链接:https://lists.apache.org/thread.html/r1171f6417eeb6d5e1206d53e2b2ff2d6ee14026f8b595ef7d8a33b79@%3Coak-issues.jackrabbit.apache.org%3E

来源:MLIST

链接:https://lists.apache.org/thread.html/rb6db683903174eaa44ec80cc118a38574319b0d4181f36b61ee6278f@%3Cdev.jackrabbit.apache.org%3E

来源:MLIST

链接:https://lists.apache.org/thread.html/r7151081abab92a827a607205c4260b0a3d22280b52d15bc909177608@%3Coak-issues.jackrabbit.apache.org%3E

来源:MLIST

链接:https://lists.apache.org/thread.html/r51b29ff62060b67bc9999ded5e252b36b09311fe5a02d27f6de3e4d3@%3Coak-issues.jackrabbit.apache.org%3E

来源:MLIST

链接:https://lists.apache.org/thread.html/r8d35eeb9a470d2682b5bcf3be0b8942faa7e28f9ca5861c058d17fff@%3Coak-issues.jackrabbit.apache.org%3E

来源:MISC

链接:https://lists.apache.org/thread.html/r536da4c4e4e406f7843461cc754a3d0a3fe575aa576e2b71a9cd57d0%40%3Cannounce.apache.org%3E

来源:MLIST

链接:https://lists.apache.org/thread.html/r1e92a2eff6c47a65c4a6e95e809a9707181de76f8062403a0bea1012@%3Coak-issues.jackrabbit.apache.org%3E

来源:MLIST

链接:https://lists.apache.org/thread.html/r9c4ce6903218c92ef2583070e64af5a69e483821c4b3016dc41e3c6f@%3Coak-issues.jackrabbit.apache.org%3E

来源:MLIST

链接:https://lists.apache.org/thread.html/rd85f87e559ee27e9c69795e3ad93a77621895e0328ea3df41d711d72@%3Coak-commits.jackrabbit.apache.org%3E

来源:MLIST

链接:https://lists.apache.org/thread.html/rbc680cbfd745f22d182158217428a296e8e398cde16f3f428fe4bddc@%3Coak-issues.jackrabbit.apache.org%3E

来源:CONFIRM

链接:https://security.netapp.com/advisory/ntap-20210604-0009/

来源:www.cybersecurity-help.cz

链接:https://www.cybersecurity-help.cz/vdb/SB2021041303

来源:www.ibm.com

链接:https://www.ibm.com/blogs/psirt/security-bulletin-ibm-infosphere-information-server-is-affected-by-multiple-vulnerabilities-in-apache-solr/

来源:www.auscert.org.au

链接:https://www.auscert.org.au/bulletins/ESB-2021.1217

来源:nvd.nist.gov

链接:https://nvd.nist.gov/vuln/detail/CVE-2021-29262

受影响实体

    暂无


补丁

    暂无