Severity: High

    Vendor: The Apache Software Foundation

    Versions Affected:
    5.0.0 to 5.5.5
    6.0.0 to 6.6.5

    Description:
    The ConfigAPI allows Solr’s JMX server to be configured via an HTTP POST request.
    By pointing it at a malicious RMI server, an attacker could take advantage
    of Solr’s unsafe deserialization to trigger remote code execution on the
    Solr side.

    Mitigation:
    Any one of the following is enough to prevent this vulnerability:
    Upgrade to Apache Solr 7.0 or later.
    Disable the ConfigAPI if it is not in use, by running Solr with the system
    property “disable.configEdit=true”.
    If upgrading or disabling the Config API are not viable options, apply the
    patch in [1] and re-compile Solr.
    Ensure your network settings are configured so that only trusted traffic
    is allowed to ingress/egress your hosts running Solr.
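    As an added triage check that is not part of this advisory, the following Python script applies the affected version ranges listed above and tests whether a solr.in.sh fragment actually passes the “disable.configEdit=true” mitigation to the JVM (a commented-out line does not count). The solr.in.sh fragments are constructed samples; the function names are this example’s own.

```python
import re

# Affected version ranges as stated in the advisory, inclusive at both ends.
AFFECTED_RANGES = (((5, 0, 0), (5, 5, 5)), ((6, 0, 0), (6, 6, 5)))
# Constructed sample solr.in.sh fragments (not from the advisory): one where the
# mitigation only appears in a comment, one where it is actually applied.
SAMPLE_UNMITIGATED = """\
# Uncomment to disable the Config API edit operations:
#SOLR_OPTS="$SOLR_OPTS -Ddisable.configEdit=true"
SOLR_HEAP="512m"
"""
SAMPLE_MITIGATED = """\
SOLR_HEAP="512m"
SOLR_OPTS="$SOLR_OPTS -Ddisable.configEdit=true"
"""

def parse_version(version):
    """Reduce a Solr version string such as '6.6.5' or '7.0.0-SNAPSHOT' to (major, minor, patch)."""
    m = re.match(r"^\s*(\d+)\.(\d+)(?:\.(\d+))?", version)
    if not m:
        raise ValueError(f"unrecognised Solr version: {version!r}")
    major, minor, patch = m.groups()
    return (int(major), int(minor), int(patch or 0))

def is_affected(version):
    """True if the version falls inside one of the advisory's affected ranges."""
    v = parse_version(version)
    return any(lo <= v <= hi for lo, hi in AFFECTED_RANGES)

def config_edit_disabled(solr_in_sh):
    """True if an uncommented solr.in.sh line passes -Ddisable.configEdit=true to the JVM."""
    for line in solr_in_sh.splitlines():
        stripped = line.strip()
        if stripped.startswith("#"):
            continue  # a commented-out setting is never passed to the JVM
        m = re.search(r"-Ddisable\.configEdit=(\w+)", stripped)
        if m and m.group(1).lower() == "true":
            return True
    return False

def assess(version, solr_in_sh):
    """Classify a host as 'not affected', 'mitigated' or 'exposed' for triage."""
    if not is_affected(version):
        return "not affected"
    return "mitigated" if config_edit_disabled(solr_in_sh) else "exposed"

if __name__ == "__main__":
    for ver, cfg in (("6.6.5", SAMPLE_UNMITIGATED), ("6.6.5", SAMPLE_MITIGATED), ("7.0.0", SAMPLE_UNMITIGATED)):
        print(ver, assess(ver, cfg))
```

    Hosts reported as "mitigated" by the property check still need the network controls above, since the property only disables Config API edits and does not change the deserialization behaviour itself.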

    Credit:
    Michael Stepankin

    References:
    [1] https://issues.apache.org/jira/browse/SOLR-13301
    [2] https://wiki.apache.org/solr/SolrSecurity
    [3] PoC - https://github.com/mpgn/CVE-2019-0192