CVE-2017-7660
Vulnerability from cvelistv5
Published
2017-07-07 19:00
Modified
2024-09-16 18:13
Severity ?
EPSS score ?
Summary
Apache Solr uses a PKI based mechanism to secure inter-node communication when security is enabled. It is possible to create a specially crafted node name that does not exist as part of the cluster and point it to a malicious node. This can trick the nodes in cluster to believe that the malicious node is a member of the cluster. So, if Solr users have enabled BasicAuth authentication mechanism using the BasicAuthPlugin or if the user has implemented a custom Authentication plugin, which does not implement either "HttpClientInterceptorPlugin" or "HttpClientBuilderPlugin", his/her servers are vulnerable to this attack. Users who only use SSL without basic authentication or those who use Kerberos are not affected.
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Apache Software Foundation | Apache Solr |
Version: 5.3 to 5.5.4 Version: 6.0 to 6.5.1 |
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T16:12:28.137Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20181127-0003/" }, { "name": "[announce] 20170707 [SECURITY] CVE-2017-7660: Security Vulnerability in secure inter-node communication in Apache Solr", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://mail-archives.us.apache.org/mod_mbox/www-announce/201707.mbox/%3CCAOOKt53EgrybaD%2BiSn-nBbvFdse-szhg%3DhMoDZuvUvyMme-Z%3Dg%40mail.gmail.com%3E" }, { "name": "99485", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/99485" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Apache Solr", "vendor": "Apache Software Foundation", "versions": [ { "status": "affected", "version": "5.3 to 5.5.4" }, { "status": "affected", "version": "6.0 to 6.5.1" } ] } ], "datePublic": "2017-07-07T00:00:00", "descriptions": [ { "lang": "en", "value": "Apache Solr uses a PKI based mechanism to secure inter-node communication when security is enabled. It is possible to create a specially crafted node name that does not exist as part of the cluster and point it to a malicious node. This can trick the nodes in cluster to believe that the malicious node is a member of the cluster. So, if Solr users have enabled BasicAuth authentication mechanism using the BasicAuthPlugin or if the user has implemented a custom Authentication plugin, which does not implement either \"HttpClientInterceptorPlugin\" or \"HttpClientBuilderPlugin\", his/her servers are vulnerable to this attack. Users who only use SSL without basic authentication or those who use Kerberos are not affected." } ], "problemTypes": [ { "descriptions": [ { "description": "Information Disclosure", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-11-28T10:57:01", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20181127-0003/" }, { "name": "[announce] 20170707 [SECURITY] CVE-2017-7660: Security Vulnerability in secure inter-node communication in Apache Solr", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://mail-archives.us.apache.org/mod_mbox/www-announce/201707.mbox/%3CCAOOKt53EgrybaD%2BiSn-nBbvFdse-szhg%3DhMoDZuvUvyMme-Z%3Dg%40mail.gmail.com%3E" }, { "name": "99485", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/99485" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "security@apache.org", "DATE_PUBLIC": "2017-07-07T00:00:00", "ID": "CVE-2017-7660", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Apache Solr", "version": { "version_data": [ { "version_value": "5.3 to 5.5.4" }, { "version_value": "6.0 to 6.5.1" } ] } } ] }, "vendor_name": "Apache Software Foundation" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Apache Solr uses a PKI based mechanism to secure inter-node communication when security is enabled. It is possible to create a specially crafted node name that does not exist as part of the cluster and point it to a malicious node. This can trick the nodes in cluster to believe that the malicious node is a member of the cluster. So, if Solr users have enabled BasicAuth authentication mechanism using the BasicAuthPlugin or if the user has implemented a custom Authentication plugin, which does not implement either \"HttpClientInterceptorPlugin\" or \"HttpClientBuilderPlugin\", his/her servers are vulnerable to this attack. Users who only use SSL without basic authentication or those who use Kerberos are not affected." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Information Disclosure" } ] } ] }, "references": { "reference_data": [ { "name": "https://security.netapp.com/advisory/ntap-20181127-0003/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20181127-0003/" }, { "name": "[announce] 20170707 [SECURITY] CVE-2017-7660: Security Vulnerability in secure inter-node communication in Apache Solr", "refsource": "MLIST", "url": "http://mail-archives.us.apache.org/mod_mbox/www-announce/201707.mbox/%3CCAOOKt53EgrybaD%2BiSn-nBbvFdse-szhg%3DhMoDZuvUvyMme-Z%3Dg%40mail.gmail.com%3E" }, { "name": "99485", "refsource": "BID", "url": "http://www.securityfocus.com/bid/99485" } ] } } } }, "cveMetadata": { "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2017-7660", "datePublished": "2017-07-07T19:00:00Z", "dateReserved": "2017-04-11T00:00:00", "dateUpdated": "2024-09-16T18:13:03.269Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2017-7660\",\"sourceIdentifier\":\"security@apache.org\",\"published\":\"2017-07-07T19:29:00.197\",\"lastModified\":\"2018-11-28T11:29:02.937\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"Apache Solr uses a PKI based mechanism to secure inter-node communication when security is enabled. It is possible to create a specially crafted node name that does not exist as part of the cluster and point it to a malicious node. This can trick the nodes in cluster to believe that the malicious node is a member of the cluster. So, if Solr users have enabled BasicAuth authentication mechanism using the BasicAuthPlugin or if the user has implemented a custom Authentication plugin, which does not implement either \\\"HttpClientInterceptorPlugin\\\" or \\\"HttpClientBuilderPlugin\\\", his/her servers are vulnerable to this attack. Users who only use SSL without basic authentication or those who use Kerberos are not affected.\"},{\"lang\":\"es\",\"value\":\"Apache Solr utiliza un mecanismo basado en PKI para proteger la comunicaci\u00f3n entre nodos cuando la seguridad est\u00e1 habilitada. Es posible crear un nombre de nodo especialmente elaborado que no existe como parte del cl\u00faster y apunta hacia un nodo malicioso. Esto puede enga\u00f1ar a los nodos del cl\u00faster para creer que el nodo malicioso es un miembro del cl\u00faster. Por lo tanto, si los usuarios de Solr han habilitado el mecanismo de autenticaci\u00f3n BasicAuth mediante BasicAuthPlugin o si el usuario ha implementado un complemento de autenticaci\u00f3n personalizado, que no implementa \\\"HttpClientInterceptorPlugin\\\" o \\\"HttpClientBuilderPlugin\\\", sus servidores son vulnerables a este ataque. Los usuarios que solo utilizan SSL sin autenticaci\u00f3n b\u00e1sica o aquellos que utilizan Kerberos no se ven afectados.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:P/A:N\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\",\"baseScore\":5.0},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-287\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:solr:5.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A15EC7D-D9FD-4BAF-AB39-3CDF36485557\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:solr:5.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3BE5B93-258A-4CE9-990C-3B8447A6B454\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:solr:5.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1A6ECE67-ED5D-4188-9E67-3B4C91251D20\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:solr:5.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"78C579A3-DBF2-4B9A-9119-DD7854D1B74A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:solr:5.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FBB5011F-D3B0-4778-9EE6-052EFA99608D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:solr:5.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F5EABC66-0815-4B89-B0ED-2C44EC20F8DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:solr:5.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E79098DA-B7D2-4A8A-9FD8-B1B4330DBA75\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:solr:5.5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3541C154-9A45-4331-8C15-B0BABE388058\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:solr:5.5.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F38C7034-7432-4530-8CFC-A04F08300074\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:solr:5.5.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0DE8EEE3-1EC6-4277-86CA-6AF6CC5B7928\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:solr:6.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"29F3170C-C5D6-431F-A2DD-692636CF5DAB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:solr:6.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA339070-A2BD-4559-B400-2BC2EB9923A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:solr:6.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B737CF14-C14A-4D97-B838-47EC4A2C68C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:solr:6.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"036F935D-B469-47C6-AF5D-3DFC73070753\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:solr:6.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"42A1A17A-32EA-40A2-9A1E-6019B493B5C1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:solr:6.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"76557E9C-1F16-44D9-ACA1-F4DAEC966F05\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:solr:6.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE068A02-D47A-4C6C-BFD3-040385599CA5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:solr:6.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9CB3F9EB-63DE-4780-A357-FE89D1DB70CA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:solr:6.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"099B5DFD-CCD9-4EE7-B49E-77EC286D5F19\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:solr:6.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"745CE558-1411-4356-9B79-2805FB4C80D7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:solr:6.5.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F9B41559-4695-467E-B7EA-B9D86127CFD7\"}]}]}],\"references\":[{\"url\":\"http://mail-archives.us.apache.org/mod_mbox/www-announce/201707.mbox/%3CCAOOKt53EgrybaD%2BiSn-nBbvFdse-szhg%3DhMoDZuvUvyMme-Z%3Dg%40mail.gmail.com%3E\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/99485\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20181127-0003/\",\"source\":\"security@apache.org\"}]}}" } }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.