CVE-2019-12409

CVSS V2 High 7.5 CVSS V3 Critical 9.8
Description
The 8.1.1 and 8.2.0 releases of Apache Solr contain an insecure setting for the ENABLE_REMOTE_JMX_OPTS configuration option in the default solr.in.sh configuration file shipping with Solr. If you use the default solr.in.sh file from the affected releases, then JMX monitoring will be enabled and exposed on RMI_PORT (default=18983), without any authentication. If this port is opened for inbound traffic in your firewall, then anyone with network access to your Solr nodes will be able to access JMX, which may in turn allow them to upload malicious code for execution on the Solr server.
Overview
  • CVE ID
  • CVE-2019-12409
  • Assigner
  • security@apache.org
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2019-11-18T21:15:11
  • Last Modified Date
  • 2020-07-23T19:33:16
Weakness Enumerations
CWE URL
CWE-434 http://cwe.mitre.org/data/definitions/434.html
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
AND
cpe:2.3:a:apache:solr:8.1.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:apache:solr:8.2.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* 0 OR
CVSS Version 2
  • Version
  • 2.0
  • Vector String
  • AV:N/AC:L/Au:N/C:P/I:P/A:P
  • Access Vector
  • NETWORK
  • Access Compatibility
  • LOW
  • Authentication
  • NONE
  • Confidentiality Impact
  • PARTIAL
  • Integrity Impact
  • PARTIAL
  • Availability Impact
  • PARTIAL
  • Base Score
  • 7.5
  • Severity
  • HIGH
  • Exploitability Score
  • 10
  • Impact Score
  • 6.4
CVSS Version 3
  • Version
  • 3.1
  • Vector String
  • CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Attack Vector
  • NETWORK
  • Attack Compatibility
  • LOW
  • Privileges Required
  • NONE
  • User Interaction
  • NONE
  • Scope
  • UNCHANGED
  • Confidentiality Impact
  • HIGH
  • Availability Impact
  • HIGH
  • Base Score
  • 9.8
  • Base Severity
  • CRITICAL
  • Exploitability Score
  • 3.9
  • Impact Score
  • 5.9
References
Reference URL Reference Tags
https://lists.apache.org/thread.html/6640c7e370fce2b74e466a605a46244ccc40666ad9e3064a4e04a85d@%3Csolr-user.lucene.apache.org%3E Mailing List Vendor Advisory
https://support.f5.com/csp/article/K23720587?utm_source=f5support&utm_medium=RSS Third Party Advisory
https://lists.apache.org/thread.html/a044eae4f6f5b0160ece5bf9cc4c0dad90ce7dd9bb210a9dc50b54be@%3Cgeneral.lucene.apache.org%3E Mailing List Vendor Advisory
https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2019-12409-RCE%20Vulnerability%20Due%20to%20Bad%20Defalut%20Config-Apache%20Solr Exploit Third Party Advisory
https://lists.apache.org/thread.html/47e112035b4aa67ece3b75dbcd1b9c9212895b9dfe2a71f6f7c174e2@%3Cannounce.apache.org%3E Mailing List Vendor Advisory
https://lists.apache.org/thread.html/925cdb49ceae78baddb45da7beb9b4d2b1ddc4a8e318c65e91fb4e87@%3Cissues.lucene.apache.org%3E Mailing List Vendor Advisory
https://lists.apache.org/thread.html/ce7c0b456b15f6c7518adefa54ec948fed6de8e951a2584500c1e541@%3Cissues.lucene.apache.org%3E Mailing List Vendor Advisory
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2019-12409
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12409
History
Created Old Value New Value Data Type Notes
2022-05-10 16:39:57 Added to TrackCVE
2022-12-04 06:32:42 2019-11-18T21:15Z 2019-11-18T21:15:11 CVE Published Date updated
2022-12-04 06:32:42 2020-07-23T19:33:16 CVE Modified Date updated
2022-12-04 06:32:42 Analyzed Vulnerability Status updated