Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
Apache Solr Log4Shell RCE - Vulnerability Database

Apache Solr Log4Shell RCE

Description

Due to vulnerabilities in Log4j library used by Apache Solr, an unauthenticated attacker can leak sensitive information or execute arbitrary code on the system.

Remediation

Upgrade to the latest version of Apache Solr

References

Apache projects affected by log4j CVE-2021-44228

Related Vulnerabilities

VMware vCenter Log4Shell RCE High
Common tags: Acumonitor Information Disclosure Code Execution
VMware Horizon Log4Shell RCE High
Common tags: Acumonitor Information Disclosure Code Execution
Ubiquiti Unifi Log4Shell RCE High
Common tags: Acumonitor Information Disclosure Code Execution
Apache OFBiz Log4Shell RCE High
Common tags: Acumonitor Information Disclosure Code Execution
XML external entity injection High
Common tags: Acumonitor Information Disclosure

Severity

High

Classification

CVE-2021-44228
CWE-78
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A

Tags

Acumonitor
Information Disclosure
Code Execution