Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatcveRedhat.comRH:CVE-2019-12409
HistoryNov 20, 2019 - 8:07 p.m.

CVE-2019-12409

2019-11-2020:07:26
redhat.com
access.redhat.com
5

0.055 Low

EPSS

Percentile

93.3%

JSON

A flaw was discovered in Apache Solr, where it contains an insecure setting in the default configuration that exposes unauthenticated access to the JMX monitoring service. This flaw allows an attacker to upload malicious code for execution on the Solr server.

Mitigation

Per Solr guidance: "Make sure your effective solr.in.sh file has ENABLE_REMOTE_JMX_OPTS set to 'false' on every Solr node and then restart Solr. Note that the effective solr.in.sh file may reside in /etc/defaults/ or another location depending on the install. You can then validate that the 'com.sun.management.jmxremote*' family of properties are not listed in the "Java Properties" section of the Solr Admin UI, or configured in a secure way. There is no need to upgrade or update any code."

Related

ubuntucve 1
nvd 1
githubexploit 1
symantec 1
threatpost 1
osv 2
f5 1
attackerkb 1
prion 1
cvelist 1
cve 1
nessus 3
debiancve 1
github 1
checkpoint_advisories 1
ubuntucve
ubuntucve
CVE-2019-12409
2019-11-18 00:00:00
nvd
nvd
CVE-2019-12409
2019-11-18 21:15:11
githubexploit
githubexploit
Exploit for Unrestricted Upload of File with Dangerous Type in Apache Solr
2019-11-19 08:53:56
symantec
symantec
Apache Solr for Linux CVE-2019-12409 Remote Code Execution Vulnerability
2019-08-12 00:00:00
threatpost
threatpost
Apache Solr Bug Gets Bumped Up to High Severity
2019-11-20 19:41:57
osv
osv
Unrestricted upload of file with dangerous type in Apache Solr
2020-01-28 22:26:54
CVE-2019-12409
2019-11-18 21:15:11
f5
f5
K23720587 : Apache Solr vulnerability CVE-2019-12409
2019-12-03 00:00:00
attackerkb
attackerkb
Apache Solr 8.11, 8.20 have unauthenticated JMX server enabled in default config
2019-09-11 00:00:00
prion
prion
Default configuration
2019-11-18 21:15:00
cvelist
cvelist
CVE-2019-12409
2019-11-18 20:50:59
cve
cve
CVE-2019-12409
2019-11-18 21:15:11
nessus
nessus
Apache Solr 8.1.1 / 8.2.0 Remote Code Execution Vulnerability
2019-11-21 00:00:00
Apache Solr 8.1.1 < 8.3.0 Remote Code Execution
2020-01-27 00:00:00
Apache Solr 8.1.1, 8.2.0 Remote JMX RMI Deserialization Vulnerability
2019-12-19 00:00:00
debiancve
debiancve
CVE-2019-12409
2019-11-18 21:15:11
github
github
Unrestricted upload of file with dangerous type in Apache Solr
2020-01-28 22:26:54
checkpoint_advisories
checkpoint_advisories
Apache Solr Remote Code Execution (CVE-2019-12409; CVE-2019-17558)
2019-11-20 00:00:00

0.055 Low

EPSS

Percentile

93.3%

JSON
Related for RH:CVE-2019-12409
ubuntucve1nvd1githubexploit1symantec1threatpost1osv2f51attackerkb1prion1cvelist1cve1nessus3debiancve1github1checkpoint_advisories1