Apache Solr Bug Gets Bumped Up to High Severity

A bug impacting the Linux enterprise-search platform called Apache Solr has been revised from low to high-severity after researchers discovered a new remote code execution exploit. The warning comes from Tenable, which is reporting that the newly-identified default configuration vulnerability could allow attackers to remotely execute code on affected hardware. The vulnerability (CVE-2019-12409) was first reported in July and patched in August. “Originally, the issue surfaced as being a low severity warning where anyone with access to the Java Management Extensions (JMX) port would be able to access monitoring data exposed over JMX,” said Scott Caveza, research engineering manager at Tenable. Since the bug was initially discovered, researchers have reevaluated the threat and escalated its severity to high-risk. “It appears a researcher reported that remote code execution was achievable and the vendor revised the bug report to reflect this and add the CVE,” Caveza told Threatpost. “The original notice about the low severity issue was on August 14, but the JIRA issue with the bug report (originally filed in July) was amended and updated.” Public disclosure and a security bulletin for the more serious RCE exploit was issued Tuesday. That flaw is tied to a configuration issue the solr.in.sh file in Apache Solr. “An unauthenticated attacker with the ability to reach the RMI port could leverage the vulnerability to upload malicious code to the server and then install a shell to…

Source