Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
Apache Solr SSRF CVE-2017-3164 - Vulnerability Database

Apache Solr SSRF CVE-2017-3164

Description

Apache Solr select handler allows remote attackers to interact with internal network resources via Server Side Request Forgery (SSRF). Consult Web References for more information about this problem.

Remediation

Upgrade to Apache Solr 7.7.0 or later.

References

CVE-2017-3164
SSRF bible. Cheatsheet

Related Vulnerabilities

IBM ODM JNDI injection (CVE-2024-22319) Critical
Common tags: Code Execution Known Vulnerabilities Acumonitor
imgproxy SSRF (CVE-2023-30019) Medium
Common tags: Known Vulnerabilities Acumonitor SSRF
Oracle Business Intelligence ReportTemplateService XXE CVE-2019-2616 High
Common tags: Known Vulnerabilities Acumonitor SSRF
Apache OFBiz SSRF (CVE-2024-45507) Critical
Common tags: Known Vulnerabilities Acumonitor SSRF
Apache OFBiz SSRF (CVE-2023-50968) High
Common tags: Known Vulnerabilities Acumonitor SSRF

Severity

Medium

Classification

CVE-2017-3164
CWE-918
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

Tags

Code Execution
Known Vulnerabilities
Acumonitor
SSRF