There is a potential vulnerability in Apache Tika that affects Apache Solr
CVEID:CVE-2018-8017
**DESCRIPTION:**Apache Tika is vulnerable to a denial of service, caused by an error in the IptcAnpaParser. By persuading a victim to open a specially crafted file, a remote attacker could exploit this vulnerability to cause the application to enter into an infinite loop.
CVSS Base score: 4.3
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/150099 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L)
Affected Product(s) | Version(s) |
---|---|
Log Analysis | 1.3.1 |
Log Analysis | 1.3.2 |
Log Analysis | 1.3.3 |
Log Analysis | 1.3.4 |
Log Analysis | 1.3.5 |
Log Analysis | 1.3.6 |
Principal Product and Version(s) : | Fix details |
---|---|
IBM Operations Analytics - Log Analysis version 1.3.x |
Upgrade to Log Analysis version 1.3.7
Download the 1.3.7-TIV-IOALA-FP here
None