Allele Security Alert
ASA-2019-00126
Identifier(s)
ASA-2019-00126, CVE-2019-0192
Title
Deserialization of untrusted data via jmx.serviceUrl
Vendor(s)
Unknown
Product(s)
Apache Solr
Affected version(s)
Apache Solr versions 5.0.0 to 5.5.5
Apache Solr versions 6.0.0 to 6.6.5
Fixed version(s)
Apache Solr version 7.0
Proof of concept
Yes
Description
The ConfigAPI allows Solr's JMX server to be configured via an HTTP POST request. By pointing it at a malicious RMI server, an attacker could take advantage of Solr's unsafe deserialization to trigger remote code execution on the Solr side.
Technical details
Unknown
Credits
Michael Stepankin
Reference(s)
CVE-2019-0192 Deserialization of untrusted data via jmx.serviceUrl in Apache Solr
https://seclists.org/oss-sec/2019/q1/169
[CVE-2019-0192] Deserialization of untrusted data via jmx.serviceUrl
https://issues.apache.org/jira/browse/SOLR-13301
CVE-2019-0192 – Apache Solr RCE 5.0.0 to 5.5.5 and 6.0.0 to 6.6.5
https://github.com/mpgn/CVE-2019-0192/
CVE-2019-0192
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0192
CVE-2019-0192
https://nvd.nist.gov/vuln/detail/CVE-2019-0192
If there is any error in this alert or you wish a comprehensive analysis, let us know.
Last modified: October 2, 2019