CVE-2021-27905 Scanner

Apache Solr is a widely used open-source search engine platform used by many organizations to manage their data. It is a popular choice because of its ability to handle high volumes of data and its fast speed in performing searches, making it an ideal tool for businesses with large amounts of data. Solr is normally registered at "/replication" under a Solr core, and it uses ReplicationHandler to replicate index data into the local core. 

Recently, a vulnerability, CVE-2021-27905, was detected in Apache Solr. This vulnerability affected essentially all Solr versions prior to its fix in version 8.8.2. The ReplicationHandler in Solr has a "masterUrl" parameter that is used to designate another ReplicationHandler on another Solr core to replicate index data. To prevent a SSRF (Server-Side Request Forgery) vulnerability, Solr ought to check these parameters against a similar configuration it uses for the "shards" parameter. However, prior to the fix, it did not, making it extremely vulnerable to attacks.

Exploitation of this vulnerability can lead to attacks on the core, allowing attackers to execute arbitrary code in the context of the Solr instance. Attackers could also use the vulnerability to bypass firewalls and other security measures to gain access to sensitive data. In addition, attackers could use this vulnerability to launch other attacks, such as Distributed Denial of Service (DDoS) attacks.

Thanks to the pro features of the s4e.io platform, you can easily and quickly learn about vulnerabilities in your digital assets. By using this platform, you can stay ahead of potential vulnerabilities and threats, ensuring the integrity and security of your data. Don't wait until it's too late - sign up now and protect yourself against potential attacks by staying informed about the latest security threats and vulnerabilities.

REFERENCES

• https://lists.apache.org/thread.html/r0ddc3a82bd7523b1453cb7a5e09eb5559517145425074a42eb326b10%40%3Cannounce.apache.org%3E 
• https://security.netapp.com/advisory/ntap-20210611-0009/ 
• lists.apache.org: [solr-users] 20210618 CVE-2021-27905 Apache Solr ReplicationHandler/SSRF vulnerability 
• lists.apache.org: [solr-users] 20210618 Re: CVE-2021-27905 Apache Solr ReplicationHandler/SSRF vulnerability 
• lists.apache.org: [solr-users] 20210728 Re: CVE-2021-27905 Apache Solr ReplicationHandler/SSRF vulnerability 
• lists.apache.org: [ofbiz-notifications] 20210914 [jira] [Updated] (OFBIZ-12316) The Solr version included in OFBiz has an SSRF vulnerability (CVE-2021-27905) 
• lists.apache.org: [ofbiz-commits] 20210915 [ofbiz-plugins] branch release18.12 updated: Fixed: The Solr version included in OFBiz has an SSRF vulnerability (CVE-2021-27905) (OFBIZ-12316) 
• lists.apache.org: [ofbiz-notifications] 20210915 [jira] [Commented] (OFBIZ-12316) The Solr version included in OFBiz has an SSRF vulnerability (CVE-2021-27905)
• lists.apache.org: [ofbiz-notifications] 20210915 [jira] [Closed] (OFBIZ-12316) The Solr version included in OFBiz has an SSRF vulnerability (CVE-2021-27905) 
• lists.apache.org: [ofbiz-commits] 20210915 [ofbiz-plugins] branch trunk updated: Fixed: The Solr version included in OFBiz has an SSRF vulnerability (CVE-2021-27905) (OFBIZ-12316) 
• lists.apache.org: [ofbiz-commits] 20210915 [ofbiz-plugins] branch release17.12 updated: Fixed: The Solr version included in OFBiz has an SSRF vulnerability (CVE-2021-27905) (OFBIZ-12316) 
• lists.apache.org: [ofbiz-notifications] 20210915 [jira] [Updated] (OFBIZ-12316) The Solr version included in OFBiz has an SSRF vulnerability (CVE-2021-27905)