EPSS
Percentile
29.0%
solr-core is vulnerable to authorization bypass. The vulnerability exists when using the default RuleBasedAuthorizationPlugin, which allows a node to proxy requests without the need for authorization.
RuleBasedAuthorizationPlugin
github.com/apache/lucene-solr/commit/d14bf2dc1ab0fd9d27d8add9ead1a7a76f4f340f
issues.apache.org/jira/browse/SOLR-12514
www.openwall.com/lists/oss-security/2019/04/24/1