CVE-2017-3164 – Server Side Request Forgery in Apache Solr, versions 1.3 until 7.6 (inclusive). Since the …

Vuln ID: CVE-2017-3164

Published:  2019-03-08  21:29:00Z

Description: Server Side Request Forgery in Apache Solr, versions 1.3 until 7.6 (inclusive). Since the "shards" parameter does not have a corresponding whitelist mechanism, a remote attacker with access to the server could make Solr perform an HTTP GET request to any reachable URL.

Source: NVD.NIST.GOV

 

Tags