CVE-2019-0193 | AttackerKB

Description

In Apache Solr, the DataImportHandler, an optional but popular module to pull in data from databases and other sources, has a feature in which the whole DIH configuration can come from a request’s “dataConfig” parameter. The debug mode of the DIH admin screen uses this to allow convenient debugging / development of a DIH config. Since a DIH config can contain scripts, this parameter is a security risk. Starting with version 8.2.0 of Solr, use of this parameter requires setting the Java System property “enable.dih.dataConfigParam” to true.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

7.2 High

Impact Score:

5.9

Exploitability Score:

1.2

Vector:

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Attack Vector (AV):

Network

Attack Complexity (AC):

Low

Privileges Required (PR):

High

User Interaction (UI):

None

Scope (S):

Unchanged

Confidentiality (C):

High

Integrity (I):

High

Availability (A):

High

Vendors

Products

Exploited in the Wild

Reported by:

gwillcox-r7 indicated sources as

Government or Industry Alert (https://www.cisa.gov/uscert/ncas/current-activity/2021/12/10/cisa-adds-thirteen-known-exploited-vulnerabilities-catalog)
Threat Feed (https://blogs.juniper.net/en-us/threat-research/sysrv-botnet-expands-and-gains-persistence)

Reported: December 06, 2021 3:16pm UTC (3 years ago) • Edited 3 years ago

AttackerKB Worker indicated source as Government or Industry Alert (https://www.cisa.gov/news-events/alerts/2021/12/10/cisa-adds-13-known-exploited-vulnerabilities-catalog)

Reported: November 08, 2024 8:19am UTC (3 months ago)

References

Canonical

CVE-2019-0193 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0193)

Advisory

https://issues.apache.org/jira/browse/SOLR-13669

[debian-lts-announce] 20191010 [SECURITY] [DLA 1954-1] lucene-solr security update (https://lists.debian.org/debian-lts-announce/2019/10/msg00013.html)

[lucene-issues] 20191025 [jira] [Updated] (SOLR-13873) Is there any fix for CVE-2019-0193 issue for solr 7.7.1 (https://lists.apache.org/thread.html/7143983363f0ba463475be4a8b775077070a08dbf075449b7beb51ee@%3Cissues.lucene.apache.org%3E)

[lucene-issues] 20191025 [jira] [Created] (SOLR-13873) Is there any fix for CVE-2019-0193 issue for solr 7.7.1 (https://lists.apache.org/thread.html/42cc4d334ba33905b872a0aa00d6a481391951c8b1450f01b077ce74@%3Cissues.lucene.apache.org%3E)

[lucene-issues] 20191025 [jira] [Resolved] (SOLR-13873) Is there any fix for CVE-2019-0193 issue for solr 7.7.1 (https://lists.apache.org/thread.html/6f2d61bd8732224c5fd3bdd84798f8e01e4542d3ee2f527a52a81b83@%3Cissues.lucene.apache.org%3E)

[lucene-issues] 20191025 [jira] [Commented] (SOLR-13669) [CVE-2019-0193] Remote Code Execution via DataImportHandler (https://lists.apache.org/thread.html/1addbb49a1fc0947fb32ca663d76d93cfaade35a4848a76d4b4ded9c@%3Cissues.lucene.apache.org%3E)

[lucene-issues] 20191025 [jira] [Commented] (SOLR-13873) Is there any fix for CVE-2019-0193 issue for solr 7.7.1 (https://lists.apache.org/thread.html/a6e3c09dba52b86d3a1273f82425973e1b0623c415d0e4f121d89eab@%3Cissues.lucene.apache.org%3E)

[nifi-commits] 20191113 svn commit: r1869773 - /nifi/site/trunk/security.html (https://lists.apache.org/thread.html/bcce5a9c532b386c68dab2f6b3ce8b0cc9b950ec551766e76391caa3@%3Ccommits.nifi.apache.org%3E)

[lucene-issues] 20191129 [jira] [Commented] (SOLR-13669) [CVE-2019-0193] Remote Code Execution via DataImportHandler (https://lists.apache.org/thread.html/55880d48e38ba9e8c41a3b9e41051dbfdef63b86b0cfeb32967edf03@%3Cissues.lucene.apache.org%3E)

[lucene-issues] 20191130 [jira] [Resolved] (SOLR-13669) [CVE-2019-0193] Remote Code Execution via DataImportHandler (https://lists.apache.org/thread.html/e85f735fad06a0fb46e74b7e6e9ce7ded20b59637cd9f993310f814d@%3Cissues.lucene.apache.org%3E)

[lucene-issues] 20191130 [jira] [Closed] (SOLR-13669) [CVE-2019-0193] Remote Code Execution via DataImportHandler (https://lists.apache.org/thread.html/9b0e7a7e3e18d0724f511403b364fc082ff56e3134d84cfece1c82fc@%3Cissues.lucene.apache.org%3E)

[nifi-commits] 20200123 svn commit: r1873083 - /nifi/site/trunk/security.html (https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E)

[lucene-dev] 20200213 Re: 7.7.3 bugfix release (https://lists.apache.org/thread.html/r339865b276614661770c909be1dd7e862232e3ef0af98bfd85686b51@%3Cdev.lucene.apache.org%3E)

[lucene-dev] 20200214 Re: 7.7.3 bugfix release (https://lists.apache.org/thread.html/r19d23e8640236a3058b4d6c23e5cd663fde182255f5a9d63e0606a66@%3Cdev.lucene.apache.org%3E)

[lucene-issues] 20200218 [jira] [Updated] (SOLR-13669) [CVE-2019-0193] Remote Code Execution via DataImportHandler (https://lists.apache.org/thread.html/r33aed7ad4ee9833c4190a44e2b106efd2deb19504b85e012175540f6@%3Cissues.lucene.apache.org%3E)

[lucene-issues] 20200218 [jira] [Commented] (SOLR-13669) [CVE-2019-0193] Remote Code Execution via DataImportHandler (https://lists.apache.org/thread.html/rb34d820c21f1708c351f9035d6bc7daf80bfb6ef99b34f7af1d2f699@%3Cissues.lucene.apache.org%3E)

[debian-lts-announce] 20200816 [SECURITY] [DLA 2327-1] lucene-solr security update (https://lists.debian.org/debian-lts-announce/2020/08/msg00025.html)

[submarine-commits] 20201209 [GitHub] [submarine] QiAnXinCodeSafe opened a new issue #474: There is a vulnerability in Apache Solr 5.5.4,upgrade recommended (https://lists.apache.org/thread.html/rc400db37710ee79378b6c52de3640493ff538c2beb41cefdbbdf2ab8@%3Ccommits.submarine.apache.org%3E)

[druid-commits] 20210324 [GitHub] [druid] jihoonson opened a new pull request #11030: Suppress cves (https://lists.apache.org/thread.html/r1d4a247329a8478073163567bbc8c8cb6b49c6bfc2bf58153a857af1@%3Ccommits.druid.apache.org%3E)

[solr-users] 20210618 CVE-2021-27905 Apache Solr ReplicationHandler/SSRF vulnerability (https://lists.apache.org/thread.html/r95df34bb158375948da82b4dfe9a1b5d528572d586584162f8f5aeef@%3Cusers.solr.apache.org%3E)

[solr-users] 20210618 Re: CVE-2021-27905 Apache Solr ReplicationHandler/SSRF vulnerability (https://lists.apache.org/thread.html/r140128dc6bb4f4e0b6a39e962c7ca25a8cbc8e48ed766176c931fccc@%3Cusers.solr.apache.org%3E)

[solr-users] 20210728 Re: CVE-2021-27905 Apache Solr ReplicationHandler/SSRF vulnerability (https://lists.apache.org/thread.html/r3da74965aba2b5f5744b7289ad447306eeb2940c872801819faa9314@%3Cusers.solr.apache.org%3E)

Rapid7

Technical Analysis