CVE-2023-50291: Apache Solr: System Property redaction logic inconsistency can lead to leaked passwords

CVE-2023-50291: Apache Solr: System Property redaction logic inconsistency can lead to leaked passwords

Open Source Security [[{„value“:“

Posted by Houston Putman on Feb 09

Severity: moderate

Affected versions:

– Apache Solr 6.0.0 through 8.11.2
– Apache Solr 9.0.0 before 9.3.0

Description:

Insufficiently Protected Credentials vulnerability in Apache Solr.

This issue affects Apache Solr: from 6.0.0 through 8.11.2, from 9.0.0 before 9.3.0.
One of the two endpoints that publishes the Solr process‘ Java system properties, /admin/info/properties, was only
setup to hide system properties that had…
„}]] Read More 

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert