CVE-2019-17558 (GCVE-0-2019-17558)
Vulnerability from cvelistv5 – Published: 2019-12-30 16:36 – Updated: 2025-10-21 23:35
VLAI?
CISA
Summary
Apache Solr 5.0.0 to Apache Solr 8.3.1 are vulnerable to a Remote Code Execution through the VelocityResponseWriter. A Velocity template can be provided through Velocity templates in a configset `velocity/` directory or as a parameter. A user defined configset could contain renderable, potentially malicious, templates. Parameter provided templates are disabled by default, but can be enabled by setting `params.resource.loader.enabled` by defining a response writer with that setting set to `true`. Defining a response writer requires configuration API access. Solr 8.4 removed the params resource loader entirely, and only enables the configset-provided template rendering when the configset is `trusted` (has been uploaded by an authenticated user).
Severity ?
7.5 (High)
CWE
- Information Disclosure
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Apache Solr |
Affected:
Apache Solr 5.0.0 to Apache Solr 8.3.1
|
CISA Known Exploited Vulnerability
Data from the CISA Known Exploited Vulnerabilities Catalog
Date added: 2021-11-03
Due date: 2022-05-03
Required action: Apply updates per vendor instructions.
Used in ransomware: Unknown
Notes: https://nvd.nist.gov/vuln/detail/CVE-2019-17558
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:40:16.078Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[lucene-issues] 20200107 [jira] [Commented] (SOLR-13971) CVE-2019-17558: Velocity custom template RCE vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rb964fe5c4e3fc05f75e8f74bf6b885f456b7a7750c36e9a8045c627a%40%3Cissues.lucene.apache.org%3E"
},
{
"name": "[lucene-issues] 20200108 [jira] [Commented] (SOLR-13971) CVE-2019-17558: Velocity custom template RCE vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r9271d030452170ba6160c022757e1b5af8a4c9ccf9e04164dec02e7f%40%3Cissues.lucene.apache.org%3E"
},
{
"name": "[lucene-issues] 20200108 [jira] [Updated] (SOLR-14025) CVE-2019-17558: Velocity response writer RCE vulnerability persists after 8.3.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/ra29fa6ede5184385bf2c63e8ec054990a7d4622bba1d244bee70d82d%40%3Cissues.lucene.apache.org%3E"
},
{
"name": "[lucene-issues] 20200108 [GitHub] [lucene-solr] Sachpat opened a new pull request #1156: SOLR-13971",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r36e35fd76239a381643555966fb3e72139e018d52d76544fb42f96d8%40%3Cissues.lucene.apache.org%3E"
},
{
"name": "[lucene-issues] 20200108 [GitHub] [lucene-solr] Sachpat commented on a change in pull request #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r5074d814d3a8c75df4b20e66bfd268ee0a73ddea7e85070cec3ae78d%40%3Cissues.lucene.apache.org%3E"
},
{
"name": "[lucene-issues] 20200108 [GitHub] [lucene-solr] artem-smotrakov commented on a change in pull request #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rf6d7ffae2b940114324e036b6394beadf27696d051ae0c4a5edf07af%40%3Cissues.lucene.apache.org%3E"
},
{
"name": "[lucene-issues] 20200108 [GitHub] [lucene-solr] Sachpat commented on issue #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r58c58fe51c87bc30ee13bb8b4c83587f023edb349018705208e65b37%40%3Cissues.lucene.apache.org%3E"
},
{
"name": "[lucene-issues] 20200113 [GitHub] [lucene-solr] Sachpat closed pull request #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r25f1bd4545617f5b86dde27b4c30fec73117af65598a30e20209739a%40%3Cissues.lucene.apache.org%3E"
},
{
"name": "[lucene-issues] 20200113 [jira] [Commented] (SOLR-14025) CVE-2019-17558: Velocity response writer RCE vulnerability persists after 8.3.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r12ab2cb15a34e49b4fecb5b2bdd7e10f3e8b7bf1f4f47fcde34d3a7c%40%3Cissues.lucene.apache.org%3E"
},
{
"name": "[lucene-issues] 20200113 [GitHub] [lucene-solr] chatman commented on issue #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r99c3f7ec3a079e2abbd540ecdb55a0e2a0f349ca7084273a12e87aeb%40%3Cissues.lucene.apache.org%3E"
},
{
"name": "[lucene-issues] 20200113 [GitHub] [lucene-solr] Sachpat commented on issue #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r0b7b9d4113e6ec1ae1d3d0898c645f758511107ea44f0f3a1210c5d5%40%3Cissues.lucene.apache.org%3E"
},
{
"name": "[lucene-dev] 20200213 Re: 7.7.3 bugfix release",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r339865b276614661770c909be1dd7e862232e3ef0af98bfd85686b51%40%3Cdev.lucene.apache.org%3E"
},
{
"name": "[lucene-dev] 20200214 Re: 7.7.3 bugfix release",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r19d23e8640236a3058b4d6c23e5cd663fde182255f5a9d63e0606a66%40%3Cdev.lucene.apache.org%3E"
},
{
"name": "[lucene-issues] 20200219 [jira] [Updated] (SOLR-14025) CVE-2019-17558: Velocity response writer RCE vulnerability persists after 8.3.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rafc939fdd753f55707841cd5886fc7fcad4d8d8ba0c72429b3220a9a%40%3Cissues.lucene.apache.org%3E"
},
{
"name": "[ambari-issues] 20200220 [jira] [Created] (AMBARI-25482) solr dependence CVE-2019-17558",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rde3dbd8e646dabf8bef1b097e9a13ee0ecbdb8441aaed6092726c98d%40%3Cissues.ambari.apache.org%3E"
},
{
"name": "[lucene-solr-user] 20200320 CVEs (vulnerabilities) that apply to Solr 8.4.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5%40%3Csolr-user.lucene.apache.org%3E"
},
{
"name": "[lucene-solr-user] 20200320 Re: CVEs (vulnerabilities) that apply to Solr 8.4.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rf5230a049d989dbfdd404b4320a265dceeeba459a4d04ec21873bd55%40%3Csolr-user.lucene.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://issues.apache.org/jira/browse/SOLR-13971"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/157078/Apache-Solr-8.3.0-Velocity-Template-Remote-Code-Execution.html"
},
{
"name": "[submarine-commits] 20201209 [GitHub] [submarine] QiAnXinCodeSafe opened a new issue #474: There is a vulnerability in Apache Solr 5.5.4,upgrade recommended",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rc400db37710ee79378b6c52de3640493ff538c2beb41cefdbbdf2ab8%40%3Ccommits.submarine.apache.org%3E"
},
{
"name": "[lucene-solr-user] 20210203 Re: SolrCloud keeps crashing",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r79c7e75f90e735fd32c4e3e97340625aab66c09dfe8c4dc0ab768b69%40%3Csolr-user.lucene.apache.org%3E"
},
{
"name": "[lucene-issues] 20210210 [GitHub] [lucene-solr] rhtham edited a comment on pull request #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/re8d12db916b5582a23ed144b9c5abd0bea0be1649231aa880f6cbfff%40%3Cissues.lucene.apache.org%3E"
},
{
"name": "[lucene-issues] 20210210 [GitHub] [lucene-solr] rhtham commented on pull request #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r8a36e4f92f4449dec517e560e1b55639f31b3aca26c37bbad45e31de%40%3Cissues.lucene.apache.org%3E"
},
{
"name": "[lucene-solr-user] 20210212 CVE-2019-17558 on SOLR 6.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r7b89b3dcfc1b6c52dd8d610b897ac98408245040c92b484fe97a51a2%40%3Csolr-user.lucene.apache.org%3E"
},
{
"name": "[lucene-solr-user] 20210212 Re: CVE-2019-17558 on SOLR 6.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r8e7a3c253a695a7667da0b0ec57f9bb0e31f039e62afbc00a1d96f7b%40%3Csolr-user.lucene.apache.org%3E"
},
{
"name": "[lucene-solr-user] 20210213 Re: CVE-2019-17558 on SOLR 6.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r5dc200f7337093285bac40e6d5de5ea66597c3da343a0f7553f1bb12%40%3Csolr-user.lucene.apache.org%3E"
},
{
"name": "[lucene-issues] 20210315 [GitHub] [lucene-solr] erikhatcher commented on pull request #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r7f21ab40a9b17b1a703db84ac56773fcabacd4cc1eb5c4700d17c071%40%3Cissues.lucene.apache.org%3E"
},
{
"name": "[druid-commits] 20210324 [GitHub] [druid] jihoonson opened a new pull request #11030: Suppress cves",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r1d4a247329a8478073163567bbc8c8cb6b49c6bfc2bf58153a857af1%40%3Ccommits.druid.apache.org%3E"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2019-17558",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-06T21:05:04.665287Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2021-11-03",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-17558"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-74",
"description": "CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:35:54.150Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-17558"
}
],
"timeline": [
{
"lang": "en",
"time": "2021-11-03T00:00:00+00:00",
"value": "CVE-2019-17558 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Apache Solr",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Apache Solr 5.0.0 to Apache Solr 8.3.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Apache Solr 5.0.0 to Apache Solr 8.3.1 are vulnerable to a Remote Code Execution through the VelocityResponseWriter. A Velocity template can be provided through Velocity templates in a configset `velocity/` directory or as a parameter. A user defined configset could contain renderable, potentially malicious, templates. Parameter provided templates are disabled by default, but can be enabled by setting `params.resource.loader.enabled` by defining a response writer with that setting set to `true`. Defining a response writer requires configuration API access. Solr 8.4 removed the params resource loader entirely, and only enables the configset-provided template rendering when the configset is `trusted` (has been uploaded by an authenticated user)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-25T00:06:22.000Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"name": "[lucene-issues] 20200107 [jira] [Commented] (SOLR-13971) CVE-2019-17558: Velocity custom template RCE vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rb964fe5c4e3fc05f75e8f74bf6b885f456b7a7750c36e9a8045c627a%40%3Cissues.lucene.apache.org%3E"
},
{
"name": "[lucene-issues] 20200108 [jira] [Commented] (SOLR-13971) CVE-2019-17558: Velocity custom template RCE vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r9271d030452170ba6160c022757e1b5af8a4c9ccf9e04164dec02e7f%40%3Cissues.lucene.apache.org%3E"
},
{
"name": "[lucene-issues] 20200108 [jira] [Updated] (SOLR-14025) CVE-2019-17558: Velocity response writer RCE vulnerability persists after 8.3.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/ra29fa6ede5184385bf2c63e8ec054990a7d4622bba1d244bee70d82d%40%3Cissues.lucene.apache.org%3E"
},
{
"name": "[lucene-issues] 20200108 [GitHub] [lucene-solr] Sachpat opened a new pull request #1156: SOLR-13971",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r36e35fd76239a381643555966fb3e72139e018d52d76544fb42f96d8%40%3Cissues.lucene.apache.org%3E"
},
{
"name": "[lucene-issues] 20200108 [GitHub] [lucene-solr] Sachpat commented on a change in pull request #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r5074d814d3a8c75df4b20e66bfd268ee0a73ddea7e85070cec3ae78d%40%3Cissues.lucene.apache.org%3E"
},
{
"name": "[lucene-issues] 20200108 [GitHub] [lucene-solr] artem-smotrakov commented on a change in pull request #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rf6d7ffae2b940114324e036b6394beadf27696d051ae0c4a5edf07af%40%3Cissues.lucene.apache.org%3E"
},
{
"name": "[lucene-issues] 20200108 [GitHub] [lucene-solr] Sachpat commented on issue #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r58c58fe51c87bc30ee13bb8b4c83587f023edb349018705208e65b37%40%3Cissues.lucene.apache.org%3E"
},
{
"name": "[lucene-issues] 20200113 [GitHub] [lucene-solr] Sachpat closed pull request #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r25f1bd4545617f5b86dde27b4c30fec73117af65598a30e20209739a%40%3Cissues.lucene.apache.org%3E"
},
{
"name": "[lucene-issues] 20200113 [jira] [Commented] (SOLR-14025) CVE-2019-17558: Velocity response writer RCE vulnerability persists after 8.3.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r12ab2cb15a34e49b4fecb5b2bdd7e10f3e8b7bf1f4f47fcde34d3a7c%40%3Cissues.lucene.apache.org%3E"
},
{
"name": "[lucene-issues] 20200113 [GitHub] [lucene-solr] chatman commented on issue #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r99c3f7ec3a079e2abbd540ecdb55a0e2a0f349ca7084273a12e87aeb%40%3Cissues.lucene.apache.org%3E"
},
{
"name": "[lucene-issues] 20200113 [GitHub] [lucene-solr] Sachpat commented on issue #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r0b7b9d4113e6ec1ae1d3d0898c645f758511107ea44f0f3a1210c5d5%40%3Cissues.lucene.apache.org%3E"
},
{
"name": "[lucene-dev] 20200213 Re: 7.7.3 bugfix release",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r339865b276614661770c909be1dd7e862232e3ef0af98bfd85686b51%40%3Cdev.lucene.apache.org%3E"
},
{
"name": "[lucene-dev] 20200214 Re: 7.7.3 bugfix release",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r19d23e8640236a3058b4d6c23e5cd663fde182255f5a9d63e0606a66%40%3Cdev.lucene.apache.org%3E"
},
{
"name": "[lucene-issues] 20200219 [jira] [Updated] (SOLR-14025) CVE-2019-17558: Velocity response writer RCE vulnerability persists after 8.3.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rafc939fdd753f55707841cd5886fc7fcad4d8d8ba0c72429b3220a9a%40%3Cissues.lucene.apache.org%3E"
},
{
"name": "[ambari-issues] 20200220 [jira] [Created] (AMBARI-25482) solr dependence CVE-2019-17558",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rde3dbd8e646dabf8bef1b097e9a13ee0ecbdb8441aaed6092726c98d%40%3Cissues.ambari.apache.org%3E"
},
{
"name": "[lucene-solr-user] 20200320 CVEs (vulnerabilities) that apply to Solr 8.4.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5%40%3Csolr-user.lucene.apache.org%3E"
},
{
"name": "[lucene-solr-user] 20200320 Re: CVEs (vulnerabilities) that apply to Solr 8.4.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rf5230a049d989dbfdd404b4320a265dceeeba459a4d04ec21873bd55%40%3Csolr-user.lucene.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://issues.apache.org/jira/browse/SOLR-13971"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/157078/Apache-Solr-8.3.0-Velocity-Template-Remote-Code-Execution.html"
},
{
"name": "[submarine-commits] 20201209 [GitHub] [submarine] QiAnXinCodeSafe opened a new issue #474: There is a vulnerability in Apache Solr 5.5.4,upgrade recommended",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rc400db37710ee79378b6c52de3640493ff538c2beb41cefdbbdf2ab8%40%3Ccommits.submarine.apache.org%3E"
},
{
"name": "[lucene-solr-user] 20210203 Re: SolrCloud keeps crashing",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r79c7e75f90e735fd32c4e3e97340625aab66c09dfe8c4dc0ab768b69%40%3Csolr-user.lucene.apache.org%3E"
},
{
"name": "[lucene-issues] 20210210 [GitHub] [lucene-solr] rhtham edited a comment on pull request #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/re8d12db916b5582a23ed144b9c5abd0bea0be1649231aa880f6cbfff%40%3Cissues.lucene.apache.org%3E"
},
{
"name": "[lucene-issues] 20210210 [GitHub] [lucene-solr] rhtham commented on pull request #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r8a36e4f92f4449dec517e560e1b55639f31b3aca26c37bbad45e31de%40%3Cissues.lucene.apache.org%3E"
},
{
"name": "[lucene-solr-user] 20210212 CVE-2019-17558 on SOLR 6.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r7b89b3dcfc1b6c52dd8d610b897ac98408245040c92b484fe97a51a2%40%3Csolr-user.lucene.apache.org%3E"
},
{
"name": "[lucene-solr-user] 20210212 Re: CVE-2019-17558 on SOLR 6.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r8e7a3c253a695a7667da0b0ec57f9bb0e31f039e62afbc00a1d96f7b%40%3Csolr-user.lucene.apache.org%3E"
},
{
"name": "[lucene-solr-user] 20210213 Re: CVE-2019-17558 on SOLR 6.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r5dc200f7337093285bac40e6d5de5ea66597c3da343a0f7553f1bb12%40%3Csolr-user.lucene.apache.org%3E"
},
{
"name": "[lucene-issues] 20210315 [GitHub] [lucene-solr] erikhatcher commented on pull request #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r7f21ab40a9b17b1a703db84ac56773fcabacd4cc1eb5c4700d17c071%40%3Cissues.lucene.apache.org%3E"
},
{
"name": "[druid-commits] 20210324 [GitHub] [druid] jihoonson opened a new pull request #11030: Suppress cves",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r1d4a247329a8478073163567bbc8c8cb6b49c6bfc2bf58153a857af1%40%3Ccommits.druid.apache.org%3E"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2019-17558",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache Solr",
"version": {
"version_data": [
{
"version_value": "Apache Solr 5.0.0 to Apache Solr 8.3.1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Apache Solr 5.0.0 to Apache Solr 8.3.1 are vulnerable to a Remote Code Execution through the VelocityResponseWriter. A Velocity template can be provided through Velocity templates in a configset `velocity/` directory or as a parameter. A user defined configset could contain renderable, potentially malicious, templates. Parameter provided templates are disabled by default, but can be enabled by setting `params.resource.loader.enabled` by defining a response writer with that setting set to `true`. Defining a response writer requires configuration API access. Solr 8.4 removed the params resource loader entirely, and only enables the configset-provided template rendering when the configset is `trusted` (has been uploaded by an authenticated user)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[lucene-issues] 20200107 [jira] [Commented] (SOLR-13971) CVE-2019-17558: Velocity custom template RCE vulnerability",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rb964fe5c4e3fc05f75e8f74bf6b885f456b7a7750c36e9a8045c627a@%3Cissues.lucene.apache.org%3E"
},
{
"name": "[lucene-issues] 20200108 [jira] [Commented] (SOLR-13971) CVE-2019-17558: Velocity custom template RCE vulnerability",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r9271d030452170ba6160c022757e1b5af8a4c9ccf9e04164dec02e7f@%3Cissues.lucene.apache.org%3E"
},
{
"name": "[lucene-issues] 20200108 [jira] [Updated] (SOLR-14025) CVE-2019-17558: Velocity response writer RCE vulnerability persists after 8.3.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/ra29fa6ede5184385bf2c63e8ec054990a7d4622bba1d244bee70d82d@%3Cissues.lucene.apache.org%3E"
},
{
"name": "[lucene-issues] 20200108 [GitHub] [lucene-solr] Sachpat opened a new pull request #1156: SOLR-13971",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r36e35fd76239a381643555966fb3e72139e018d52d76544fb42f96d8@%3Cissues.lucene.apache.org%3E"
},
{
"name": "[lucene-issues] 20200108 [GitHub] [lucene-solr] Sachpat commented on a change in pull request #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r5074d814d3a8c75df4b20e66bfd268ee0a73ddea7e85070cec3ae78d@%3Cissues.lucene.apache.org%3E"
},
{
"name": "[lucene-issues] 20200108 [GitHub] [lucene-solr] artem-smotrakov commented on a change in pull request #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rf6d7ffae2b940114324e036b6394beadf27696d051ae0c4a5edf07af@%3Cissues.lucene.apache.org%3E"
},
{
"name": "[lucene-issues] 20200108 [GitHub] [lucene-solr] Sachpat commented on issue #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r58c58fe51c87bc30ee13bb8b4c83587f023edb349018705208e65b37@%3Cissues.lucene.apache.org%3E"
},
{
"name": "[lucene-issues] 20200113 [GitHub] [lucene-solr] Sachpat closed pull request #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r25f1bd4545617f5b86dde27b4c30fec73117af65598a30e20209739a@%3Cissues.lucene.apache.org%3E"
},
{
"name": "[lucene-issues] 20200113 [jira] [Commented] (SOLR-14025) CVE-2019-17558: Velocity response writer RCE vulnerability persists after 8.3.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r12ab2cb15a34e49b4fecb5b2bdd7e10f3e8b7bf1f4f47fcde34d3a7c@%3Cissues.lucene.apache.org%3E"
},
{
"name": "[lucene-issues] 20200113 [GitHub] [lucene-solr] chatman commented on issue #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r99c3f7ec3a079e2abbd540ecdb55a0e2a0f349ca7084273a12e87aeb@%3Cissues.lucene.apache.org%3E"
},
{
"name": "[lucene-issues] 20200113 [GitHub] [lucene-solr] Sachpat commented on issue #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r0b7b9d4113e6ec1ae1d3d0898c645f758511107ea44f0f3a1210c5d5@%3Cissues.lucene.apache.org%3E"
},
{
"name": "[lucene-dev] 20200213 Re: 7.7.3 bugfix release",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r339865b276614661770c909be1dd7e862232e3ef0af98bfd85686b51@%3Cdev.lucene.apache.org%3E"
},
{
"name": "[lucene-dev] 20200214 Re: 7.7.3 bugfix release",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r19d23e8640236a3058b4d6c23e5cd663fde182255f5a9d63e0606a66@%3Cdev.lucene.apache.org%3E"
},
{
"name": "[lucene-issues] 20200219 [jira] [Updated] (SOLR-14025) CVE-2019-17558: Velocity response writer RCE vulnerability persists after 8.3.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rafc939fdd753f55707841cd5886fc7fcad4d8d8ba0c72429b3220a9a@%3Cissues.lucene.apache.org%3E"
},
{
"name": "[ambari-issues] 20200220 [jira] [Created] (AMBARI-25482) solr dependence CVE-2019-17558",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rde3dbd8e646dabf8bef1b097e9a13ee0ecbdb8441aaed6092726c98d@%3Cissues.ambari.apache.org%3E"
},
{
"name": "[lucene-solr-user] 20200320 CVEs (vulnerabilities) that apply to Solr 8.4.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5@%3Csolr-user.lucene.apache.org%3E"
},
{
"name": "[lucene-solr-user] 20200320 Re: CVEs (vulnerabilities) that apply to Solr 8.4.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rf5230a049d989dbfdd404b4320a265dceeeba459a4d04ec21873bd55@%3Csolr-user.lucene.apache.org%3E"
},
{
"name": "https://www.oracle.com/security-alerts/cpuoct2020.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuoct2020.html"
},
{
"name": "https://issues.apache.org/jira/browse/SOLR-13971",
"refsource": "MISC",
"url": "https://issues.apache.org/jira/browse/SOLR-13971"
},
{
"name": "http://packetstormsecurity.com/files/157078/Apache-Solr-8.3.0-Velocity-Template-Remote-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/157078/Apache-Solr-8.3.0-Velocity-Template-Remote-Code-Execution.html"
},
{
"name": "[submarine-commits] 20201209 [GitHub] [submarine] QiAnXinCodeSafe opened a new issue #474: There is a vulnerability in Apache Solr 5.5.4,upgrade recommended",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rc400db37710ee79378b6c52de3640493ff538c2beb41cefdbbdf2ab8@%3Ccommits.submarine.apache.org%3E"
},
{
"name": "[lucene-solr-user] 20210203 Re: SolrCloud keeps crashing",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r79c7e75f90e735fd32c4e3e97340625aab66c09dfe8c4dc0ab768b69@%3Csolr-user.lucene.apache.org%3E"
},
{
"name": "[lucene-issues] 20210210 [GitHub] [lucene-solr] rhtham edited a comment on pull request #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/re8d12db916b5582a23ed144b9c5abd0bea0be1649231aa880f6cbfff@%3Cissues.lucene.apache.org%3E"
},
{
"name": "[lucene-issues] 20210210 [GitHub] [lucene-solr] rhtham commented on pull request #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r8a36e4f92f4449dec517e560e1b55639f31b3aca26c37bbad45e31de@%3Cissues.lucene.apache.org%3E"
},
{
"name": "[lucene-solr-user] 20210212 CVE-2019-17558 on SOLR 6.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r7b89b3dcfc1b6c52dd8d610b897ac98408245040c92b484fe97a51a2@%3Csolr-user.lucene.apache.org%3E"
},
{
"name": "[lucene-solr-user] 20210212 Re: CVE-2019-17558 on SOLR 6.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r8e7a3c253a695a7667da0b0ec57f9bb0e31f039e62afbc00a1d96f7b@%3Csolr-user.lucene.apache.org%3E"
},
{
"name": "[lucene-solr-user] 20210213 Re: CVE-2019-17558 on SOLR 6.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r5dc200f7337093285bac40e6d5de5ea66597c3da343a0f7553f1bb12@%3Csolr-user.lucene.apache.org%3E"
},
{
"name": "[lucene-issues] 20210315 [GitHub] [lucene-solr] erikhatcher commented on pull request #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r7f21ab40a9b17b1a703db84ac56773fcabacd4cc1eb5c4700d17c071@%3Cissues.lucene.apache.org%3E"
},
{
"name": "[druid-commits] 20210324 [GitHub] [druid] jihoonson opened a new pull request #11030: Suppress cves",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r1d4a247329a8478073163567bbc8c8cb6b49c6bfc2bf58153a857af1@%3Ccommits.druid.apache.org%3E"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2019-17558",
"datePublished": "2019-12-30T16:36:08.000Z",
"dateReserved": "2019-10-14T00:00:00.000Z",
"dateUpdated": "2025-10-21T23:35:54.150Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"cisa_known_exploited": {
"cveID": "CVE-2019-17558",
"cwes": "[\"CWE-74\"]",
"dateAdded": "2021-11-03",
"dueDate": "2022-05-03",
"knownRansomwareCampaignUse": "Unknown",
"notes": "https://nvd.nist.gov/vuln/detail/CVE-2019-17558",
"product": "Solr",
"requiredAction": "Apply updates per vendor instructions.",
"shortDescription": "The Apache Solr VelocityResponseWriter plug-in contains an unspecified vulnerability which can allow for remote code execution.",
"vendorProject": "Apache",
"vulnerabilityName": "Apache Solr VelocityResponseWriter Plug-In Remote Code Execution Vulnerability"
},
"fkie_nvd": {
"cisaActionDue": "2022-05-03",
"cisaExploitAdd": "2021-11-03",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "Apache Solr VelocityResponseWriter Plug-In Remote Code Execution Vulnerability",
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"5.0.0\", \"versionEndExcluding\": \"7.7.3\", \"matchCriteriaId\": \"FB21C976-BDB8-4C23-8D75-D80EED433743\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"8.0.0\", \"versionEndExcluding\": \"8.4.0\", \"matchCriteriaId\": \"4AE21606-4430-4CE0-ACFE-860199DC6D96\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"17.7\", \"versionEndIncluding\": \"17.12\", \"matchCriteriaId\": \"08FA59A8-6A62-4B33-8952-D6E658F8DAC9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:primavera_unifier:16.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D55A54FD-7DD1-49CD-BE81-0BE73990943C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:primavera_unifier:16.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"82EB08C0-2D46-4635-88DF-E54F6452D3A3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"202AD518-2E9B-4062-B063-9858AE1F9CE2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"10864586-270E-4ACF-BDCC-ECFCD299305F\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Apache Solr 5.0.0 to Apache Solr 8.3.1 are vulnerable to a Remote Code Execution through the VelocityResponseWriter. A Velocity template can be provided through Velocity templates in a configset `velocity/` directory or as a parameter. A user defined configset could contain renderable, potentially malicious, templates. Parameter provided templates are disabled by default, but can be enabled by setting `params.resource.loader.enabled` by defining a response writer with that setting set to `true`. Defining a response writer requires configuration API access. Solr 8.4 removed the params resource loader entirely, and only enables the configset-provided template rendering when the configset is `trusted` (has been uploaded by an authenticated user).\"}, {\"lang\": \"es\", \"value\": \"Apache Solr versi\\u00f3n 5.0.0 hasta Apache Solr versi\\u00f3n 8.3.1 son vulnerables a una ejecuci\\u00f3n de c\\u00f3digo remota por medio de la funci\\u00f3n VelocityResponseWriter. Se puede proporcionar una plantilla Velocity por medio de plantillas Velocity en un directorio configset \\\"velocity/\\\" o como un par\\u00e1metro. Un configset definido por el usuario podr\\u00eda contener plantillas renderizables, potencialmente maliciosas. Las plantillas proporcionadas por los par\\u00e1metros est\\u00e1n deshabilitadas por defecto, pero pueden ser habilitadas configurando \\\"params.resource.loader.enabled\\\" definiendo un escritor de respuestas con esa configuraci\\u00f3n establecida en \\\"true\\\". La definici\\u00f3n de un escritor de respuestas requiere acceso a la API de configuraci\\u00f3n. Solr versi\\u00f3n 8.4 elimin\\u00f3 por completo el cargador de recursos params, y solo habilita la renderizaci\\u00f3n de la plantilla proporcionada por el configset cuando el configset es \\\"trusted\\\" (ha sido cargado por parte de un usuario autenticado).\"}]",
"id": "CVE-2019-17558",
"lastModified": "2024-11-21T04:32:31.450",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.6, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:H/Au:S/C:P/I:P/A:P\", \"baseScore\": 4.6, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"HIGH\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 3.9, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2019-12-30T17:15:19.780",
"references": "[{\"url\": \"http://packetstormsecurity.com/files/157078/Apache-Solr-8.3.0-Velocity-Template-Remote-Code-Execution.html\", \"source\": \"security@apache.org\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://issues.apache.org/jira/browse/SOLR-13971\", \"source\": \"security@apache.org\", \"tags\": [\"Exploit\", \"Issue Tracking\", \"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r0b7b9d4113e6ec1ae1d3d0898c645f758511107ea44f0f3a1210c5d5%40%3Cissues.lucene.apache.org%3E\", \"source\": \"security@apache.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.apache.org/thread.html/r12ab2cb15a34e49b4fecb5b2bdd7e10f3e8b7bf1f4f47fcde34d3a7c%40%3Cissues.lucene.apache.org%3E\", \"source\": \"security@apache.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.apache.org/thread.html/r19d23e8640236a3058b4d6c23e5cd663fde182255f5a9d63e0606a66%40%3Cdev.lucene.apache.org%3E\", \"source\": \"security@apache.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.apache.org/thread.html/r1d4a247329a8478073163567bbc8c8cb6b49c6bfc2bf58153a857af1%40%3Ccommits.druid.apache.org%3E\", \"source\": \"security@apache.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5%40%3Csolr-user.lucene.apache.org%3E\", \"source\": \"security@apache.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.apache.org/thread.html/r25f1bd4545617f5b86dde27b4c30fec73117af65598a30e20209739a%40%3Cissues.lucene.apache.org%3E\", \"source\": \"security@apache.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.apache.org/thread.html/r339865b276614661770c909be1dd7e862232e3ef0af98bfd85686b51%40%3Cdev.lucene.apache.org%3E\", \"source\": \"security@apache.org\", \"tags\": [\"Issue Tracking\", \"Mailing List\"]}, {\"url\": \"https://lists.apache.org/thread.html/r36e35fd76239a381643555966fb3e72139e018d52d76544fb42f96d8%40%3Cissues.lucene.apache.org%3E\", \"source\": \"security@apache.org\", \"tags\": [\"Issue Tracking\", \"Mailing List\"]}, {\"url\": \"https://lists.apache.org/thread.html/r5074d814d3a8c75df4b20e66bfd268ee0a73ddea7e85070cec3ae78d%40%3Cissues.lucene.apache.org%3E\", \"source\": \"security@apache.org\", \"tags\": [\"Exploit\", \"Mailing List\"]}, {\"url\": \"https://lists.apache.org/thread.html/r58c58fe51c87bc30ee13bb8b4c83587f023edb349018705208e65b37%40%3Cissues.lucene.apache.org%3E\", \"source\": \"security@apache.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.apache.org/thread.html/r5dc200f7337093285bac40e6d5de5ea66597c3da343a0f7553f1bb12%40%3Csolr-user.lucene.apache.org%3E\", \"source\": \"security@apache.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.apache.org/thread.html/r79c7e75f90e735fd32c4e3e97340625aab66c09dfe8c4dc0ab768b69%40%3Csolr-user.lucene.apache.org%3E\", \"source\": \"security@apache.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.apache.org/thread.html/r7b89b3dcfc1b6c52dd8d610b897ac98408245040c92b484fe97a51a2%40%3Csolr-user.lucene.apache.org%3E\", \"source\": \"security@apache.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.apache.org/thread.html/r7f21ab40a9b17b1a703db84ac56773fcabacd4cc1eb5c4700d17c071%40%3Cissues.lucene.apache.org%3E\", \"source\": \"security@apache.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.apache.org/thread.html/r8a36e4f92f4449dec517e560e1b55639f31b3aca26c37bbad45e31de%40%3Cissues.lucene.apache.org%3E\", \"source\": \"security@apache.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.apache.org/thread.html/r8e7a3c253a695a7667da0b0ec57f9bb0e31f039e62afbc00a1d96f7b%40%3Csolr-user.lucene.apache.org%3E\", \"source\": \"security@apache.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.apache.org/thread.html/r9271d030452170ba6160c022757e1b5af8a4c9ccf9e04164dec02e7f%40%3Cissues.lucene.apache.org%3E\", \"source\": \"security@apache.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.apache.org/thread.html/r99c3f7ec3a079e2abbd540ecdb55a0e2a0f349ca7084273a12e87aeb%40%3Cissues.lucene.apache.org%3E\", \"source\": \"security@apache.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.apache.org/thread.html/ra29fa6ede5184385bf2c63e8ec054990a7d4622bba1d244bee70d82d%40%3Cissues.lucene.apache.org%3E\", \"source\": \"security@apache.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.apache.org/thread.html/rafc939fdd753f55707841cd5886fc7fcad4d8d8ba0c72429b3220a9a%40%3Cissues.lucene.apache.org%3E\", \"source\": \"security@apache.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.apache.org/thread.html/rb964fe5c4e3fc05f75e8f74bf6b885f456b7a7750c36e9a8045c627a%40%3Cissues.lucene.apache.org%3E\", \"source\": \"security@apache.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.apache.org/thread.html/rc400db37710ee79378b6c52de3640493ff538c2beb41cefdbbdf2ab8%40%3Ccommits.submarine.apache.org%3E\", \"source\": \"security@apache.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.apache.org/thread.html/rde3dbd8e646dabf8bef1b097e9a13ee0ecbdb8441aaed6092726c98d%40%3Cissues.ambari.apache.org%3E\", \"source\": \"security@apache.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.apache.org/thread.html/re8d12db916b5582a23ed144b9c5abd0bea0be1649231aa880f6cbfff%40%3Cissues.lucene.apache.org%3E\", \"source\": \"security@apache.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.apache.org/thread.html/rf5230a049d989dbfdd404b4320a265dceeeba459a4d04ec21873bd55%40%3Csolr-user.lucene.apache.org%3E\", \"source\": \"security@apache.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.apache.org/thread.html/rf6d7ffae2b940114324e036b6394beadf27696d051ae0c4a5edf07af%40%3Cissues.lucene.apache.org%3E\", \"source\": \"security@apache.org\", \"tags\": [\"Exploit\", \"Mailing List\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuoct2020.html\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://packetstormsecurity.com/files/157078/Apache-Solr-8.3.0-Velocity-Template-Remote-Code-Execution.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://issues.apache.org/jira/browse/SOLR-13971\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Issue Tracking\", \"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/r0b7b9d4113e6ec1ae1d3d0898c645f758511107ea44f0f3a1210c5d5%40%3Cissues.lucene.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.apache.org/thread.html/r12ab2cb15a34e49b4fecb5b2bdd7e10f3e8b7bf1f4f47fcde34d3a7c%40%3Cissues.lucene.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.apache.org/thread.html/r19d23e8640236a3058b4d6c23e5cd663fde182255f5a9d63e0606a66%40%3Cdev.lucene.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.apache.org/thread.html/r1d4a247329a8478073163567bbc8c8cb6b49c6bfc2bf58153a857af1%40%3Ccommits.druid.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5%40%3Csolr-user.lucene.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.apache.org/thread.html/r25f1bd4545617f5b86dde27b4c30fec73117af65598a30e20209739a%40%3Cissues.lucene.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.apache.org/thread.html/r339865b276614661770c909be1dd7e862232e3ef0af98bfd85686b51%40%3Cdev.lucene.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Mailing List\"]}, {\"url\": \"https://lists.apache.org/thread.html/r36e35fd76239a381643555966fb3e72139e018d52d76544fb42f96d8%40%3Cissues.lucene.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Mailing List\"]}, {\"url\": \"https://lists.apache.org/thread.html/r5074d814d3a8c75df4b20e66bfd268ee0a73ddea7e85070cec3ae78d%40%3Cissues.lucene.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Mailing List\"]}, {\"url\": \"https://lists.apache.org/thread.html/r58c58fe51c87bc30ee13bb8b4c83587f023edb349018705208e65b37%40%3Cissues.lucene.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.apache.org/thread.html/r5dc200f7337093285bac40e6d5de5ea66597c3da343a0f7553f1bb12%40%3Csolr-user.lucene.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.apache.org/thread.html/r79c7e75f90e735fd32c4e3e97340625aab66c09dfe8c4dc0ab768b69%40%3Csolr-user.lucene.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.apache.org/thread.html/r7b89b3dcfc1b6c52dd8d610b897ac98408245040c92b484fe97a51a2%40%3Csolr-user.lucene.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.apache.org/thread.html/r7f21ab40a9b17b1a703db84ac56773fcabacd4cc1eb5c4700d17c071%40%3Cissues.lucene.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.apache.org/thread.html/r8a36e4f92f4449dec517e560e1b55639f31b3aca26c37bbad45e31de%40%3Cissues.lucene.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.apache.org/thread.html/r8e7a3c253a695a7667da0b0ec57f9bb0e31f039e62afbc00a1d96f7b%40%3Csolr-user.lucene.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.apache.org/thread.html/r9271d030452170ba6160c022757e1b5af8a4c9ccf9e04164dec02e7f%40%3Cissues.lucene.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.apache.org/thread.html/r99c3f7ec3a079e2abbd540ecdb55a0e2a0f349ca7084273a12e87aeb%40%3Cissues.lucene.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.apache.org/thread.html/ra29fa6ede5184385bf2c63e8ec054990a7d4622bba1d244bee70d82d%40%3Cissues.lucene.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.apache.org/thread.html/rafc939fdd753f55707841cd5886fc7fcad4d8d8ba0c72429b3220a9a%40%3Cissues.lucene.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.apache.org/thread.html/rb964fe5c4e3fc05f75e8f74bf6b885f456b7a7750c36e9a8045c627a%40%3Cissues.lucene.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.apache.org/thread.html/rc400db37710ee79378b6c52de3640493ff538c2beb41cefdbbdf2ab8%40%3Ccommits.submarine.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.apache.org/thread.html/rde3dbd8e646dabf8bef1b097e9a13ee0ecbdb8441aaed6092726c98d%40%3Cissues.ambari.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.apache.org/thread.html/re8d12db916b5582a23ed144b9c5abd0bea0be1649231aa880f6cbfff%40%3Cissues.lucene.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.apache.org/thread.html/rf5230a049d989dbfdd404b4320a265dceeeba459a4d04ec21873bd55%40%3Csolr-user.lucene.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://lists.apache.org/thread.html/rf6d7ffae2b940114324e036b6394beadf27696d051ae0c4a5edf07af%40%3Cissues.lucene.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Mailing List\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuoct2020.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
"sourceIdentifier": "security@apache.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-74\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2019-17558\",\"sourceIdentifier\":\"security@apache.org\",\"published\":\"2019-12-30T17:15:19.780\",\"lastModified\":\"2025-10-27T17:37:34.463\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Apache Solr 5.0.0 to Apache Solr 8.3.1 are vulnerable to a Remote Code Execution through the VelocityResponseWriter. A Velocity template can be provided through Velocity templates in a configset `velocity/` directory or as a parameter. A user defined configset could contain renderable, potentially malicious, templates. Parameter provided templates are disabled by default, but can be enabled by setting `params.resource.loader.enabled` by defining a response writer with that setting set to `true`. Defining a response writer requires configuration API access. Solr 8.4 removed the params resource loader entirely, and only enables the configset-provided template rendering when the configset is `trusted` (has been uploaded by an authenticated user).\"},{\"lang\":\"es\",\"value\":\"Apache Solr versi\u00f3n 5.0.0 hasta Apache Solr versi\u00f3n 8.3.1 son vulnerables a una ejecuci\u00f3n de c\u00f3digo remota por medio de la funci\u00f3n VelocityResponseWriter. Se puede proporcionar una plantilla Velocity por medio de plantillas Velocity en un directorio configset \\\"velocity/\\\" o como un par\u00e1metro. Un configset definido por el usuario podr\u00eda contener plantillas renderizables, potencialmente maliciosas. Las plantillas proporcionadas por los par\u00e1metros est\u00e1n deshabilitadas por defecto, pero pueden ser habilitadas configurando \\\"params.resource.loader.enabled\\\" definiendo un escritor de respuestas con esa configuraci\u00f3n establecida en \\\"true\\\". La definici\u00f3n de un escritor de respuestas requiere acceso a la API de configuraci\u00f3n. Solr versi\u00f3n 8.4 elimin\u00f3 por completo el cargador de recursos params, y solo habilita la renderizaci\u00f3n de la plantilla proporcionada por el configset cuando el configset es \\\"trusted\\\" (ha sido cargado por parte de un usuario autenticado).\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.6,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.6,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:H/Au:S/C:P/I:P/A:P\",\"baseScore\":4.6,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"HIGH\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.9,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"cisaExploitAdd\":\"2021-11-03\",\"cisaActionDue\":\"2022-05-03\",\"cisaRequiredAction\":\"Apply updates per vendor instructions.\",\"cisaVulnerabilityName\":\"Apache Solr VelocityResponseWriter Plug-In Remote Code Execution Vulnerability\",\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-74\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-74\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.0.0\",\"versionEndExcluding\":\"7.7.3\",\"matchCriteriaId\":\"FB21C976-BDB8-4C23-8D75-D80EED433743\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.0.0\",\"versionEndExcluding\":\"8.4.0\",\"matchCriteriaId\":\"4AE21606-4430-4CE0-ACFE-860199DC6D96\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"17.7\",\"versionEndIncluding\":\"17.12\",\"matchCriteriaId\":\"08FA59A8-6A62-4B33-8952-D6E658F8DAC9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:16.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D55A54FD-7DD1-49CD-BE81-0BE73990943C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:16.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"82EB08C0-2D46-4635-88DF-E54F6452D3A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"202AD518-2E9B-4062-B063-9858AE1F9CE2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:19.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10864586-270E-4ACF-BDCC-ECFCD299305F\"}]}]}],\"references\":[{\"url\":\"http://packetstormsecurity.com/files/157078/Apache-Solr-8.3.0-Velocity-Template-Remote-Code-Execution.html\",\"source\":\"security@apache.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://issues.apache.org/jira/browse/SOLR-13971\",\"source\":\"security@apache.org\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r0b7b9d4113e6ec1ae1d3d0898c645f758511107ea44f0f3a1210c5d5%40%3Cissues.lucene.apache.org%3E\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.apache.org/thread.html/r12ab2cb15a34e49b4fecb5b2bdd7e10f3e8b7bf1f4f47fcde34d3a7c%40%3Cissues.lucene.apache.org%3E\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.apache.org/thread.html/r19d23e8640236a3058b4d6c23e5cd663fde182255f5a9d63e0606a66%40%3Cdev.lucene.apache.org%3E\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.apache.org/thread.html/r1d4a247329a8478073163567bbc8c8cb6b49c6bfc2bf58153a857af1%40%3Ccommits.druid.apache.org%3E\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5%40%3Csolr-user.lucene.apache.org%3E\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.apache.org/thread.html/r25f1bd4545617f5b86dde27b4c30fec73117af65598a30e20209739a%40%3Cissues.lucene.apache.org%3E\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.apache.org/thread.html/r339865b276614661770c909be1dd7e862232e3ef0af98bfd85686b51%40%3Cdev.lucene.apache.org%3E\",\"source\":\"security@apache.org\",\"tags\":[\"Issue Tracking\",\"Mailing List\"]},{\"url\":\"https://lists.apache.org/thread.html/r36e35fd76239a381643555966fb3e72139e018d52d76544fb42f96d8%40%3Cissues.lucene.apache.org%3E\",\"source\":\"security@apache.org\",\"tags\":[\"Issue Tracking\",\"Mailing List\"]},{\"url\":\"https://lists.apache.org/thread.html/r5074d814d3a8c75df4b20e66bfd268ee0a73ddea7e85070cec3ae78d%40%3Cissues.lucene.apache.org%3E\",\"source\":\"security@apache.org\",\"tags\":[\"Exploit\",\"Mailing List\"]},{\"url\":\"https://lists.apache.org/thread.html/r58c58fe51c87bc30ee13bb8b4c83587f023edb349018705208e65b37%40%3Cissues.lucene.apache.org%3E\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.apache.org/thread.html/r5dc200f7337093285bac40e6d5de5ea66597c3da343a0f7553f1bb12%40%3Csolr-user.lucene.apache.org%3E\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.apache.org/thread.html/r79c7e75f90e735fd32c4e3e97340625aab66c09dfe8c4dc0ab768b69%40%3Csolr-user.lucene.apache.org%3E\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.apache.org/thread.html/r7b89b3dcfc1b6c52dd8d610b897ac98408245040c92b484fe97a51a2%40%3Csolr-user.lucene.apache.org%3E\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.apache.org/thread.html/r7f21ab40a9b17b1a703db84ac56773fcabacd4cc1eb5c4700d17c071%40%3Cissues.lucene.apache.org%3E\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.apache.org/thread.html/r8a36e4f92f4449dec517e560e1b55639f31b3aca26c37bbad45e31de%40%3Cissues.lucene.apache.org%3E\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.apache.org/thread.html/r8e7a3c253a695a7667da0b0ec57f9bb0e31f039e62afbc00a1d96f7b%40%3Csolr-user.lucene.apache.org%3E\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.apache.org/thread.html/r9271d030452170ba6160c022757e1b5af8a4c9ccf9e04164dec02e7f%40%3Cissues.lucene.apache.org%3E\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.apache.org/thread.html/r99c3f7ec3a079e2abbd540ecdb55a0e2a0f349ca7084273a12e87aeb%40%3Cissues.lucene.apache.org%3E\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.apache.org/thread.html/ra29fa6ede5184385bf2c63e8ec054990a7d4622bba1d244bee70d82d%40%3Cissues.lucene.apache.org%3E\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.apache.org/thread.html/rafc939fdd753f55707841cd5886fc7fcad4d8d8ba0c72429b3220a9a%40%3Cissues.lucene.apache.org%3E\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.apache.org/thread.html/rb964fe5c4e3fc05f75e8f74bf6b885f456b7a7750c36e9a8045c627a%40%3Cissues.lucene.apache.org%3E\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.apache.org/thread.html/rc400db37710ee79378b6c52de3640493ff538c2beb41cefdbbdf2ab8%40%3Ccommits.submarine.apache.org%3E\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.apache.org/thread.html/rde3dbd8e646dabf8bef1b097e9a13ee0ecbdb8441aaed6092726c98d%40%3Cissues.ambari.apache.org%3E\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.apache.org/thread.html/re8d12db916b5582a23ed144b9c5abd0bea0be1649231aa880f6cbfff%40%3Cissues.lucene.apache.org%3E\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.apache.org/thread.html/rf5230a049d989dbfdd404b4320a265dceeeba459a4d04ec21873bd55%40%3Csolr-user.lucene.apache.org%3E\",\"source\":\"security@apache.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.apache.org/thread.html/rf6d7ffae2b940114324e036b6394beadf27696d051ae0c4a5edf07af%40%3Cissues.lucene.apache.org%3E\",\"source\":\"security@apache.org\",\"tags\":[\"Exploit\",\"Mailing List\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuoct2020.html\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/157078/Apache-Solr-8.3.0-Velocity-Template-Remote-Code-Execution.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://issues.apache.org/jira/browse/SOLR-13971\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/r0b7b9d4113e6ec1ae1d3d0898c645f758511107ea44f0f3a1210c5d5%40%3Cissues.lucene.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.apache.org/thread.html/r12ab2cb15a34e49b4fecb5b2bdd7e10f3e8b7bf1f4f47fcde34d3a7c%40%3Cissues.lucene.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.apache.org/thread.html/r19d23e8640236a3058b4d6c23e5cd663fde182255f5a9d63e0606a66%40%3Cdev.lucene.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.apache.org/thread.html/r1d4a247329a8478073163567bbc8c8cb6b49c6bfc2bf58153a857af1%40%3Ccommits.druid.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5%40%3Csolr-user.lucene.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.apache.org/thread.html/r25f1bd4545617f5b86dde27b4c30fec73117af65598a30e20209739a%40%3Cissues.lucene.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.apache.org/thread.html/r339865b276614661770c909be1dd7e862232e3ef0af98bfd85686b51%40%3Cdev.lucene.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Mailing List\"]},{\"url\":\"https://lists.apache.org/thread.html/r36e35fd76239a381643555966fb3e72139e018d52d76544fb42f96d8%40%3Cissues.lucene.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Mailing List\"]},{\"url\":\"https://lists.apache.org/thread.html/r5074d814d3a8c75df4b20e66bfd268ee0a73ddea7e85070cec3ae78d%40%3Cissues.lucene.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Mailing List\"]},{\"url\":\"https://lists.apache.org/thread.html/r58c58fe51c87bc30ee13bb8b4c83587f023edb349018705208e65b37%40%3Cissues.lucene.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.apache.org/thread.html/r5dc200f7337093285bac40e6d5de5ea66597c3da343a0f7553f1bb12%40%3Csolr-user.lucene.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.apache.org/thread.html/r79c7e75f90e735fd32c4e3e97340625aab66c09dfe8c4dc0ab768b69%40%3Csolr-user.lucene.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.apache.org/thread.html/r7b89b3dcfc1b6c52dd8d610b897ac98408245040c92b484fe97a51a2%40%3Csolr-user.lucene.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.apache.org/thread.html/r7f21ab40a9b17b1a703db84ac56773fcabacd4cc1eb5c4700d17c071%40%3Cissues.lucene.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.apache.org/thread.html/r8a36e4f92f4449dec517e560e1b55639f31b3aca26c37bbad45e31de%40%3Cissues.lucene.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.apache.org/thread.html/r8e7a3c253a695a7667da0b0ec57f9bb0e31f039e62afbc00a1d96f7b%40%3Csolr-user.lucene.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.apache.org/thread.html/r9271d030452170ba6160c022757e1b5af8a4c9ccf9e04164dec02e7f%40%3Cissues.lucene.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.apache.org/thread.html/r99c3f7ec3a079e2abbd540ecdb55a0e2a0f349ca7084273a12e87aeb%40%3Cissues.lucene.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.apache.org/thread.html/ra29fa6ede5184385bf2c63e8ec054990a7d4622bba1d244bee70d82d%40%3Cissues.lucene.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.apache.org/thread.html/rafc939fdd753f55707841cd5886fc7fcad4d8d8ba0c72429b3220a9a%40%3Cissues.lucene.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.apache.org/thread.html/rb964fe5c4e3fc05f75e8f74bf6b885f456b7a7750c36e9a8045c627a%40%3Cissues.lucene.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.apache.org/thread.html/rc400db37710ee79378b6c52de3640493ff538c2beb41cefdbbdf2ab8%40%3Ccommits.submarine.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.apache.org/thread.html/rde3dbd8e646dabf8bef1b097e9a13ee0ecbdb8441aaed6092726c98d%40%3Cissues.ambari.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.apache.org/thread.html/re8d12db916b5582a23ed144b9c5abd0bea0be1649231aa880f6cbfff%40%3Cissues.lucene.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.apache.org/thread.html/rf5230a049d989dbfdd404b4320a265dceeeba459a4d04ec21873bd55%40%3Csolr-user.lucene.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://lists.apache.org/thread.html/rf6d7ffae2b940114324e036b6394beadf27696d051ae0c4a5edf07af%40%3Cissues.lucene.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Mailing List\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuoct2020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-17558\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"US Government Resource\"]}]}}",
"vulnrichment": {
"containers": "{\"cna\": {\"affected\": [{\"product\": \"Apache Solr\", \"vendor\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"Apache Solr 5.0.0 to Apache Solr 8.3.1\"}]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Apache Solr 5.0.0 to Apache Solr 8.3.1 are vulnerable to a Remote Code Execution through the VelocityResponseWriter. A Velocity template can be provided through Velocity templates in a configset `velocity/` directory or as a parameter. A user defined configset could contain renderable, potentially malicious, templates. Parameter provided templates are disabled by default, but can be enabled by setting `params.resource.loader.enabled` by defining a response writer with that setting set to `true`. Defining a response writer requires configuration API access. Solr 8.4 removed the params resource loader entirely, and only enables the configset-provided template rendering when the configset is `trusted` (has been uploaded by an authenticated user).\"}], \"problemTypes\": [{\"descriptions\": [{\"description\": \"Information Disclosure\", \"lang\": \"en\", \"type\": \"text\"}]}], \"providerMetadata\": {\"dateUpdated\": \"2021-03-25T00:06:22.000Z\", \"orgId\": \"f0158376-9dc2-43b6-827c-5f631a4d8d09\", \"shortName\": \"apache\"}, \"references\": [{\"name\": \"[lucene-issues] 20200107 [jira] [Commented] (SOLR-13971) CVE-2019-17558: Velocity custom template RCE vulnerability\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"], \"url\": \"https://lists.apache.org/thread.html/rb964fe5c4e3fc05f75e8f74bf6b885f456b7a7750c36e9a8045c627a%40%3Cissues.lucene.apache.org%3E\"}, {\"name\": \"[lucene-issues] 20200108 [jira] [Commented] (SOLR-13971) CVE-2019-17558: Velocity custom template RCE vulnerability\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"], \"url\": \"https://lists.apache.org/thread.html/r9271d030452170ba6160c022757e1b5af8a4c9ccf9e04164dec02e7f%40%3Cissues.lucene.apache.org%3E\"}, {\"name\": \"[lucene-issues] 20200108 [jira] [Updated] (SOLR-14025) CVE-2019-17558: Velocity response writer RCE vulnerability persists after 8.3.1\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"], \"url\": \"https://lists.apache.org/thread.html/ra29fa6ede5184385bf2c63e8ec054990a7d4622bba1d244bee70d82d%40%3Cissues.lucene.apache.org%3E\"}, {\"name\": \"[lucene-issues] 20200108 [GitHub] [lucene-solr] Sachpat opened a new pull request #1156: SOLR-13971\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"], \"url\": \"https://lists.apache.org/thread.html/r36e35fd76239a381643555966fb3e72139e018d52d76544fb42f96d8%40%3Cissues.lucene.apache.org%3E\"}, {\"name\": \"[lucene-issues] 20200108 [GitHub] [lucene-solr] Sachpat commented on a change in pull request #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"], \"url\": \"https://lists.apache.org/thread.html/r5074d814d3a8c75df4b20e66bfd268ee0a73ddea7e85070cec3ae78d%40%3Cissues.lucene.apache.org%3E\"}, {\"name\": \"[lucene-issues] 20200108 [GitHub] [lucene-solr] artem-smotrakov commented on a change in pull request #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"], \"url\": \"https://lists.apache.org/thread.html/rf6d7ffae2b940114324e036b6394beadf27696d051ae0c4a5edf07af%40%3Cissues.lucene.apache.org%3E\"}, {\"name\": \"[lucene-issues] 20200108 [GitHub] [lucene-solr] Sachpat commented on issue #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"], \"url\": \"https://lists.apache.org/thread.html/r58c58fe51c87bc30ee13bb8b4c83587f023edb349018705208e65b37%40%3Cissues.lucene.apache.org%3E\"}, {\"name\": \"[lucene-issues] 20200113 [GitHub] [lucene-solr] Sachpat closed pull request #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"], \"url\": \"https://lists.apache.org/thread.html/r25f1bd4545617f5b86dde27b4c30fec73117af65598a30e20209739a%40%3Cissues.lucene.apache.org%3E\"}, {\"name\": \"[lucene-issues] 20200113 [jira] [Commented] (SOLR-14025) CVE-2019-17558: Velocity response writer RCE vulnerability persists after 8.3.1\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"], \"url\": \"https://lists.apache.org/thread.html/r12ab2cb15a34e49b4fecb5b2bdd7e10f3e8b7bf1f4f47fcde34d3a7c%40%3Cissues.lucene.apache.org%3E\"}, {\"name\": \"[lucene-issues] 20200113 [GitHub] [lucene-solr] chatman commented on issue #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"], \"url\": \"https://lists.apache.org/thread.html/r99c3f7ec3a079e2abbd540ecdb55a0e2a0f349ca7084273a12e87aeb%40%3Cissues.lucene.apache.org%3E\"}, {\"name\": \"[lucene-issues] 20200113 [GitHub] [lucene-solr] Sachpat commented on issue #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"], \"url\": \"https://lists.apache.org/thread.html/r0b7b9d4113e6ec1ae1d3d0898c645f758511107ea44f0f3a1210c5d5%40%3Cissues.lucene.apache.org%3E\"}, {\"name\": \"[lucene-dev] 20200213 Re: 7.7.3 bugfix release\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"], \"url\": \"https://lists.apache.org/thread.html/r339865b276614661770c909be1dd7e862232e3ef0af98bfd85686b51%40%3Cdev.lucene.apache.org%3E\"}, {\"name\": \"[lucene-dev] 20200214 Re: 7.7.3 bugfix release\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"], \"url\": \"https://lists.apache.org/thread.html/r19d23e8640236a3058b4d6c23e5cd663fde182255f5a9d63e0606a66%40%3Cdev.lucene.apache.org%3E\"}, {\"name\": \"[lucene-issues] 20200219 [jira] [Updated] (SOLR-14025) CVE-2019-17558: Velocity response writer RCE vulnerability persists after 8.3.1\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"], \"url\": \"https://lists.apache.org/thread.html/rafc939fdd753f55707841cd5886fc7fcad4d8d8ba0c72429b3220a9a%40%3Cissues.lucene.apache.org%3E\"}, {\"name\": \"[ambari-issues] 20200220 [jira] [Created] (AMBARI-25482) solr dependence CVE-2019-17558\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"], \"url\": \"https://lists.apache.org/thread.html/rde3dbd8e646dabf8bef1b097e9a13ee0ecbdb8441aaed6092726c98d%40%3Cissues.ambari.apache.org%3E\"}, {\"name\": \"[lucene-solr-user] 20200320 CVEs (vulnerabilities) that apply to Solr 8.4.1\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"], \"url\": \"https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5%40%3Csolr-user.lucene.apache.org%3E\"}, {\"name\": \"[lucene-solr-user] 20200320 Re: CVEs (vulnerabilities) that apply to Solr 8.4.1\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"], \"url\": \"https://lists.apache.org/thread.html/rf5230a049d989dbfdd404b4320a265dceeeba459a4d04ec21873bd55%40%3Csolr-user.lucene.apache.org%3E\"}, {\"tags\": [\"x_refsource_MISC\"], \"url\": \"https://www.oracle.com/security-alerts/cpuoct2020.html\"}, {\"tags\": [\"x_refsource_MISC\"], \"url\": \"https://issues.apache.org/jira/browse/SOLR-13971\"}, {\"tags\": [\"x_refsource_MISC\"], \"url\": \"http://packetstormsecurity.com/files/157078/Apache-Solr-8.3.0-Velocity-Template-Remote-Code-Execution.html\"}, {\"name\": \"[submarine-commits] 20201209 [GitHub] [submarine] QiAnXinCodeSafe opened a new issue #474: There is a vulnerability in Apache Solr 5.5.4,upgrade recommended\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"], \"url\": \"https://lists.apache.org/thread.html/rc400db37710ee79378b6c52de3640493ff538c2beb41cefdbbdf2ab8%40%3Ccommits.submarine.apache.org%3E\"}, {\"name\": \"[lucene-solr-user] 20210203 Re: SolrCloud keeps crashing\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"], \"url\": \"https://lists.apache.org/thread.html/r79c7e75f90e735fd32c4e3e97340625aab66c09dfe8c4dc0ab768b69%40%3Csolr-user.lucene.apache.org%3E\"}, {\"name\": \"[lucene-issues] 20210210 [GitHub] [lucene-solr] rhtham edited a comment on pull request #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"], \"url\": \"https://lists.apache.org/thread.html/re8d12db916b5582a23ed144b9c5abd0bea0be1649231aa880f6cbfff%40%3Cissues.lucene.apache.org%3E\"}, {\"name\": \"[lucene-issues] 20210210 [GitHub] [lucene-solr] rhtham commented on pull request #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"], \"url\": \"https://lists.apache.org/thread.html/r8a36e4f92f4449dec517e560e1b55639f31b3aca26c37bbad45e31de%40%3Cissues.lucene.apache.org%3E\"}, {\"name\": \"[lucene-solr-user] 20210212 CVE-2019-17558 on SOLR 6.1\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"], \"url\": \"https://lists.apache.org/thread.html/r7b89b3dcfc1b6c52dd8d610b897ac98408245040c92b484fe97a51a2%40%3Csolr-user.lucene.apache.org%3E\"}, {\"name\": \"[lucene-solr-user] 20210212 Re: CVE-2019-17558 on SOLR 6.1\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"], \"url\": \"https://lists.apache.org/thread.html/r8e7a3c253a695a7667da0b0ec57f9bb0e31f039e62afbc00a1d96f7b%40%3Csolr-user.lucene.apache.org%3E\"}, {\"name\": \"[lucene-solr-user] 20210213 Re: CVE-2019-17558 on SOLR 6.1\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"], \"url\": \"https://lists.apache.org/thread.html/r5dc200f7337093285bac40e6d5de5ea66597c3da343a0f7553f1bb12%40%3Csolr-user.lucene.apache.org%3E\"}, {\"name\": \"[lucene-issues] 20210315 [GitHub] [lucene-solr] erikhatcher commented on pull request #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"], \"url\": \"https://lists.apache.org/thread.html/r7f21ab40a9b17b1a703db84ac56773fcabacd4cc1eb5c4700d17c071%40%3Cissues.lucene.apache.org%3E\"}, {\"name\": \"[druid-commits] 20210324 [GitHub] [druid] jihoonson opened a new pull request #11030: Suppress cves\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"], \"url\": \"https://lists.apache.org/thread.html/r1d4a247329a8478073163567bbc8c8cb6b49c6bfc2bf58153a857af1%40%3Ccommits.druid.apache.org%3E\"}], \"x_legacyV4Record\": {\"CVE_data_meta\": {\"ASSIGNER\": \"security@apache.org\", \"ID\": \"CVE-2019-17558\", \"STATE\": \"PUBLIC\"}, \"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"product_name\": \"Apache Solr\", \"version\": {\"version_data\": [{\"version_value\": \"Apache Solr 5.0.0 to Apache Solr 8.3.1\"}]}}]}, \"vendor_name\": \"n/a\"}]}}, \"data_format\": \"MITRE\", \"data_type\": \"CVE\", \"data_version\": \"4.0\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"Apache Solr 5.0.0 to Apache Solr 8.3.1 are vulnerable to a Remote Code Execution through the VelocityResponseWriter. A Velocity template can be provided through Velocity templates in a configset `velocity/` directory or as a parameter. A user defined configset could contain renderable, potentially malicious, templates. Parameter provided templates are disabled by default, but can be enabled by setting `params.resource.loader.enabled` by defining a response writer with that setting set to `true`. Defining a response writer requires configuration API access. Solr 8.4 removed the params resource loader entirely, and only enables the configset-provided template rendering when the configset is `trusted` (has been uploaded by an authenticated user).\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"Information Disclosure\"}]}]}, \"references\": {\"reference_data\": [{\"name\": \"[lucene-issues] 20200107 [jira] [Commented] (SOLR-13971) CVE-2019-17558: Velocity custom template RCE vulnerability\", \"refsource\": \"MLIST\", \"url\": \"https://lists.apache.org/thread.html/rb964fe5c4e3fc05f75e8f74bf6b885f456b7a7750c36e9a8045c627a@%3Cissues.lucene.apache.org%3E\"}, {\"name\": \"[lucene-issues] 20200108 [jira] [Commented] (SOLR-13971) CVE-2019-17558: Velocity custom template RCE vulnerability\", \"refsource\": \"MLIST\", \"url\": \"https://lists.apache.org/thread.html/r9271d030452170ba6160c022757e1b5af8a4c9ccf9e04164dec02e7f@%3Cissues.lucene.apache.org%3E\"}, {\"name\": \"[lucene-issues] 20200108 [jira] [Updated] (SOLR-14025) CVE-2019-17558: Velocity response writer RCE vulnerability persists after 8.3.1\", \"refsource\": \"MLIST\", \"url\": \"https://lists.apache.org/thread.html/ra29fa6ede5184385bf2c63e8ec054990a7d4622bba1d244bee70d82d@%3Cissues.lucene.apache.org%3E\"}, {\"name\": \"[lucene-issues] 20200108 [GitHub] [lucene-solr] Sachpat opened a new pull request #1156: SOLR-13971\", \"refsource\": \"MLIST\", \"url\": \"https://lists.apache.org/thread.html/r36e35fd76239a381643555966fb3e72139e018d52d76544fb42f96d8@%3Cissues.lucene.apache.org%3E\"}, {\"name\": \"[lucene-issues] 20200108 [GitHub] [lucene-solr] Sachpat commented on a change in pull request #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability\", \"refsource\": \"MLIST\", \"url\": \"https://lists.apache.org/thread.html/r5074d814d3a8c75df4b20e66bfd268ee0a73ddea7e85070cec3ae78d@%3Cissues.lucene.apache.org%3E\"}, {\"name\": \"[lucene-issues] 20200108 [GitHub] [lucene-solr] artem-smotrakov commented on a change in pull request #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability\", \"refsource\": \"MLIST\", \"url\": \"https://lists.apache.org/thread.html/rf6d7ffae2b940114324e036b6394beadf27696d051ae0c4a5edf07af@%3Cissues.lucene.apache.org%3E\"}, {\"name\": \"[lucene-issues] 20200108 [GitHub] [lucene-solr] Sachpat commented on issue #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability\", \"refsource\": \"MLIST\", \"url\": \"https://lists.apache.org/thread.html/r58c58fe51c87bc30ee13bb8b4c83587f023edb349018705208e65b37@%3Cissues.lucene.apache.org%3E\"}, {\"name\": \"[lucene-issues] 20200113 [GitHub] [lucene-solr] Sachpat closed pull request #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability\", \"refsource\": \"MLIST\", \"url\": \"https://lists.apache.org/thread.html/r25f1bd4545617f5b86dde27b4c30fec73117af65598a30e20209739a@%3Cissues.lucene.apache.org%3E\"}, {\"name\": \"[lucene-issues] 20200113 [jira] [Commented] (SOLR-14025) CVE-2019-17558: Velocity response writer RCE vulnerability persists after 8.3.1\", \"refsource\": \"MLIST\", \"url\": \"https://lists.apache.org/thread.html/r12ab2cb15a34e49b4fecb5b2bdd7e10f3e8b7bf1f4f47fcde34d3a7c@%3Cissues.lucene.apache.org%3E\"}, {\"name\": \"[lucene-issues] 20200113 [GitHub] [lucene-solr] chatman commented on issue #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability\", \"refsource\": \"MLIST\", \"url\": \"https://lists.apache.org/thread.html/r99c3f7ec3a079e2abbd540ecdb55a0e2a0f349ca7084273a12e87aeb@%3Cissues.lucene.apache.org%3E\"}, {\"name\": \"[lucene-issues] 20200113 [GitHub] [lucene-solr] Sachpat commented on issue #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability\", \"refsource\": \"MLIST\", \"url\": \"https://lists.apache.org/thread.html/r0b7b9d4113e6ec1ae1d3d0898c645f758511107ea44f0f3a1210c5d5@%3Cissues.lucene.apache.org%3E\"}, {\"name\": \"[lucene-dev] 20200213 Re: 7.7.3 bugfix release\", \"refsource\": \"MLIST\", \"url\": \"https://lists.apache.org/thread.html/r339865b276614661770c909be1dd7e862232e3ef0af98bfd85686b51@%3Cdev.lucene.apache.org%3E\"}, {\"name\": \"[lucene-dev] 20200214 Re: 7.7.3 bugfix release\", \"refsource\": \"MLIST\", \"url\": \"https://lists.apache.org/thread.html/r19d23e8640236a3058b4d6c23e5cd663fde182255f5a9d63e0606a66@%3Cdev.lucene.apache.org%3E\"}, {\"name\": \"[lucene-issues] 20200219 [jira] [Updated] (SOLR-14025) CVE-2019-17558: Velocity response writer RCE vulnerability persists after 8.3.1\", \"refsource\": \"MLIST\", \"url\": \"https://lists.apache.org/thread.html/rafc939fdd753f55707841cd5886fc7fcad4d8d8ba0c72429b3220a9a@%3Cissues.lucene.apache.org%3E\"}, {\"name\": \"[ambari-issues] 20200220 [jira] [Created] (AMBARI-25482) solr dependence CVE-2019-17558\", \"refsource\": \"MLIST\", \"url\": \"https://lists.apache.org/thread.html/rde3dbd8e646dabf8bef1b097e9a13ee0ecbdb8441aaed6092726c98d@%3Cissues.ambari.apache.org%3E\"}, {\"name\": \"[lucene-solr-user] 20200320 CVEs (vulnerabilities) that apply to Solr 8.4.1\", \"refsource\": \"MLIST\", \"url\": \"https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5@%3Csolr-user.lucene.apache.org%3E\"}, {\"name\": \"[lucene-solr-user] 20200320 Re: CVEs (vulnerabilities) that apply to Solr 8.4.1\", \"refsource\": \"MLIST\", \"url\": \"https://lists.apache.org/thread.html/rf5230a049d989dbfdd404b4320a265dceeeba459a4d04ec21873bd55@%3Csolr-user.lucene.apache.org%3E\"}, {\"name\": \"https://www.oracle.com/security-alerts/cpuoct2020.html\", \"refsource\": \"MISC\", \"url\": \"https://www.oracle.com/security-alerts/cpuoct2020.html\"}, {\"name\": \"https://issues.apache.org/jira/browse/SOLR-13971\", \"refsource\": \"MISC\", \"url\": \"https://issues.apache.org/jira/browse/SOLR-13971\"}, {\"name\": \"http://packetstormsecurity.com/files/157078/Apache-Solr-8.3.0-Velocity-Template-Remote-Code-Execution.html\", \"refsource\": \"MISC\", \"url\": \"http://packetstormsecurity.com/files/157078/Apache-Solr-8.3.0-Velocity-Template-Remote-Code-Execution.html\"}, {\"name\": \"[submarine-commits] 20201209 [GitHub] [submarine] QiAnXinCodeSafe opened a new issue #474: There is a vulnerability in Apache Solr 5.5.4,upgrade recommended\", \"refsource\": \"MLIST\", \"url\": \"https://lists.apache.org/thread.html/rc400db37710ee79378b6c52de3640493ff538c2beb41cefdbbdf2ab8@%3Ccommits.submarine.apache.org%3E\"}, {\"name\": \"[lucene-solr-user] 20210203 Re: SolrCloud keeps crashing\", \"refsource\": \"MLIST\", \"url\": \"https://lists.apache.org/thread.html/r79c7e75f90e735fd32c4e3e97340625aab66c09dfe8c4dc0ab768b69@%3Csolr-user.lucene.apache.org%3E\"}, {\"name\": \"[lucene-issues] 20210210 [GitHub] [lucene-solr] rhtham edited a comment on pull request #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability\", \"refsource\": \"MLIST\", \"url\": \"https://lists.apache.org/thread.html/re8d12db916b5582a23ed144b9c5abd0bea0be1649231aa880f6cbfff@%3Cissues.lucene.apache.org%3E\"}, {\"name\": \"[lucene-issues] 20210210 [GitHub] [lucene-solr] rhtham commented on pull request #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability\", \"refsource\": \"MLIST\", \"url\": \"https://lists.apache.org/thread.html/r8a36e4f92f4449dec517e560e1b55639f31b3aca26c37bbad45e31de@%3Cissues.lucene.apache.org%3E\"}, {\"name\": \"[lucene-solr-user] 20210212 CVE-2019-17558 on SOLR 6.1\", \"refsource\": \"MLIST\", \"url\": \"https://lists.apache.org/thread.html/r7b89b3dcfc1b6c52dd8d610b897ac98408245040c92b484fe97a51a2@%3Csolr-user.lucene.apache.org%3E\"}, {\"name\": \"[lucene-solr-user] 20210212 Re: CVE-2019-17558 on SOLR 6.1\", \"refsource\": \"MLIST\", \"url\": \"https://lists.apache.org/thread.html/r8e7a3c253a695a7667da0b0ec57f9bb0e31f039e62afbc00a1d96f7b@%3Csolr-user.lucene.apache.org%3E\"}, {\"name\": \"[lucene-solr-user] 20210213 Re: CVE-2019-17558 on SOLR 6.1\", \"refsource\": \"MLIST\", \"url\": \"https://lists.apache.org/thread.html/r5dc200f7337093285bac40e6d5de5ea66597c3da343a0f7553f1bb12@%3Csolr-user.lucene.apache.org%3E\"}, {\"name\": \"[lucene-issues] 20210315 [GitHub] [lucene-solr] erikhatcher commented on pull request #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability\", \"refsource\": \"MLIST\", \"url\": \"https://lists.apache.org/thread.html/r7f21ab40a9b17b1a703db84ac56773fcabacd4cc1eb5c4700d17c071@%3Cissues.lucene.apache.org%3E\"}, {\"name\": \"[druid-commits] 20210324 [GitHub] [druid] jihoonson opened a new pull request #11030: Suppress cves\", \"refsource\": \"MLIST\", \"url\": \"https://lists.apache.org/thread.html/r1d4a247329a8478073163567bbc8c8cb6b49c6bfc2bf58153a857af1@%3Ccommits.druid.apache.org%3E\"}]}}}, \"adp\": [{\"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-05T01:40:16.078Z\"}, \"title\": \"CVE Program Container\", \"references\": [{\"name\": \"[lucene-issues] 20200107 [jira] [Commented] (SOLR-13971) CVE-2019-17558: Velocity custom template RCE vulnerability\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"], \"url\": \"https://lists.apache.org/thread.html/rb964fe5c4e3fc05f75e8f74bf6b885f456b7a7750c36e9a8045c627a%40%3Cissues.lucene.apache.org%3E\"}, {\"name\": \"[lucene-issues] 20200108 [jira] [Commented] (SOLR-13971) CVE-2019-17558: Velocity custom template RCE vulnerability\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"], \"url\": \"https://lists.apache.org/thread.html/r9271d030452170ba6160c022757e1b5af8a4c9ccf9e04164dec02e7f%40%3Cissues.lucene.apache.org%3E\"}, {\"name\": \"[lucene-issues] 20200108 [jira] [Updated] (SOLR-14025) CVE-2019-17558: Velocity response writer RCE vulnerability persists after 8.3.1\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"], \"url\": \"https://lists.apache.org/thread.html/ra29fa6ede5184385bf2c63e8ec054990a7d4622bba1d244bee70d82d%40%3Cissues.lucene.apache.org%3E\"}, {\"name\": \"[lucene-issues] 20200108 [GitHub] [lucene-solr] Sachpat opened a new pull request #1156: SOLR-13971\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"], \"url\": \"https://lists.apache.org/thread.html/r36e35fd76239a381643555966fb3e72139e018d52d76544fb42f96d8%40%3Cissues.lucene.apache.org%3E\"}, {\"name\": \"[lucene-issues] 20200108 [GitHub] [lucene-solr] Sachpat commented on a change in pull request #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"], \"url\": \"https://lists.apache.org/thread.html/r5074d814d3a8c75df4b20e66bfd268ee0a73ddea7e85070cec3ae78d%40%3Cissues.lucene.apache.org%3E\"}, {\"name\": \"[lucene-issues] 20200108 [GitHub] [lucene-solr] artem-smotrakov commented on a change in pull request #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"], \"url\": \"https://lists.apache.org/thread.html/rf6d7ffae2b940114324e036b6394beadf27696d051ae0c4a5edf07af%40%3Cissues.lucene.apache.org%3E\"}, {\"name\": \"[lucene-issues] 20200108 [GitHub] [lucene-solr] Sachpat commented on issue #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"], \"url\": \"https://lists.apache.org/thread.html/r58c58fe51c87bc30ee13bb8b4c83587f023edb349018705208e65b37%40%3Cissues.lucene.apache.org%3E\"}, {\"name\": \"[lucene-issues] 20200113 [GitHub] [lucene-solr] Sachpat closed pull request #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"], \"url\": \"https://lists.apache.org/thread.html/r25f1bd4545617f5b86dde27b4c30fec73117af65598a30e20209739a%40%3Cissues.lucene.apache.org%3E\"}, {\"name\": \"[lucene-issues] 20200113 [jira] [Commented] (SOLR-14025) CVE-2019-17558: Velocity response writer RCE vulnerability persists after 8.3.1\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"], \"url\": \"https://lists.apache.org/thread.html/r12ab2cb15a34e49b4fecb5b2bdd7e10f3e8b7bf1f4f47fcde34d3a7c%40%3Cissues.lucene.apache.org%3E\"}, {\"name\": \"[lucene-issues] 20200113 [GitHub] [lucene-solr] chatman commented on issue #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"], \"url\": \"https://lists.apache.org/thread.html/r99c3f7ec3a079e2abbd540ecdb55a0e2a0f349ca7084273a12e87aeb%40%3Cissues.lucene.apache.org%3E\"}, {\"name\": \"[lucene-issues] 20200113 [GitHub] [lucene-solr] Sachpat commented on issue #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"], \"url\": \"https://lists.apache.org/thread.html/r0b7b9d4113e6ec1ae1d3d0898c645f758511107ea44f0f3a1210c5d5%40%3Cissues.lucene.apache.org%3E\"}, {\"name\": \"[lucene-dev] 20200213 Re: 7.7.3 bugfix release\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"], \"url\": \"https://lists.apache.org/thread.html/r339865b276614661770c909be1dd7e862232e3ef0af98bfd85686b51%40%3Cdev.lucene.apache.org%3E\"}, {\"name\": \"[lucene-dev] 20200214 Re: 7.7.3 bugfix release\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"], \"url\": \"https://lists.apache.org/thread.html/r19d23e8640236a3058b4d6c23e5cd663fde182255f5a9d63e0606a66%40%3Cdev.lucene.apache.org%3E\"}, {\"name\": \"[lucene-issues] 20200219 [jira] [Updated] (SOLR-14025) CVE-2019-17558: Velocity response writer RCE vulnerability persists after 8.3.1\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"], \"url\": \"https://lists.apache.org/thread.html/rafc939fdd753f55707841cd5886fc7fcad4d8d8ba0c72429b3220a9a%40%3Cissues.lucene.apache.org%3E\"}, {\"name\": \"[ambari-issues] 20200220 [jira] [Created] (AMBARI-25482) solr dependence CVE-2019-17558\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"], \"url\": \"https://lists.apache.org/thread.html/rde3dbd8e646dabf8bef1b097e9a13ee0ecbdb8441aaed6092726c98d%40%3Cissues.ambari.apache.org%3E\"}, {\"name\": \"[lucene-solr-user] 20200320 CVEs (vulnerabilities) that apply to Solr 8.4.1\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"], \"url\": \"https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5%40%3Csolr-user.lucene.apache.org%3E\"}, {\"name\": \"[lucene-solr-user] 20200320 Re: CVEs (vulnerabilities) that apply to Solr 8.4.1\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"], \"url\": \"https://lists.apache.org/thread.html/rf5230a049d989dbfdd404b4320a265dceeeba459a4d04ec21873bd55%40%3Csolr-user.lucene.apache.org%3E\"}, {\"tags\": [\"x_refsource_MISC\", \"x_transferred\"], \"url\": \"https://www.oracle.com/security-alerts/cpuoct2020.html\"}, {\"tags\": [\"x_refsource_MISC\", \"x_transferred\"], \"url\": \"https://issues.apache.org/jira/browse/SOLR-13971\"}, {\"tags\": [\"x_refsource_MISC\", \"x_transferred\"], \"url\": \"http://packetstormsecurity.com/files/157078/Apache-Solr-8.3.0-Velocity-Template-Remote-Code-Execution.html\"}, {\"name\": \"[submarine-commits] 20201209 [GitHub] [submarine] QiAnXinCodeSafe opened a new issue #474: There is a vulnerability in Apache Solr 5.5.4,upgrade recommended\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"], \"url\": \"https://lists.apache.org/thread.html/rc400db37710ee79378b6c52de3640493ff538c2beb41cefdbbdf2ab8%40%3Ccommits.submarine.apache.org%3E\"}, {\"name\": \"[lucene-solr-user] 20210203 Re: SolrCloud keeps crashing\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"], \"url\": \"https://lists.apache.org/thread.html/r79c7e75f90e735fd32c4e3e97340625aab66c09dfe8c4dc0ab768b69%40%3Csolr-user.lucene.apache.org%3E\"}, {\"name\": \"[lucene-issues] 20210210 [GitHub] [lucene-solr] rhtham edited a comment on pull request #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"], \"url\": \"https://lists.apache.org/thread.html/re8d12db916b5582a23ed144b9c5abd0bea0be1649231aa880f6cbfff%40%3Cissues.lucene.apache.org%3E\"}, {\"name\": \"[lucene-issues] 20210210 [GitHub] [lucene-solr] rhtham commented on pull request #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"], \"url\": \"https://lists.apache.org/thread.html/r8a36e4f92f4449dec517e560e1b55639f31b3aca26c37bbad45e31de%40%3Cissues.lucene.apache.org%3E\"}, {\"name\": \"[lucene-solr-user] 20210212 CVE-2019-17558 on SOLR 6.1\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"], \"url\": \"https://lists.apache.org/thread.html/r7b89b3dcfc1b6c52dd8d610b897ac98408245040c92b484fe97a51a2%40%3Csolr-user.lucene.apache.org%3E\"}, {\"name\": \"[lucene-solr-user] 20210212 Re: CVE-2019-17558 on SOLR 6.1\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"], \"url\": \"https://lists.apache.org/thread.html/r8e7a3c253a695a7667da0b0ec57f9bb0e31f039e62afbc00a1d96f7b%40%3Csolr-user.lucene.apache.org%3E\"}, {\"name\": \"[lucene-solr-user] 20210213 Re: CVE-2019-17558 on SOLR 6.1\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"], \"url\": \"https://lists.apache.org/thread.html/r5dc200f7337093285bac40e6d5de5ea66597c3da343a0f7553f1bb12%40%3Csolr-user.lucene.apache.org%3E\"}, {\"name\": \"[lucene-issues] 20210315 [GitHub] [lucene-solr] erikhatcher commented on pull request #1156: SOLR-13971: CVE-2019-17558: Velocity custom template RCE vulnerability\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"], \"url\": \"https://lists.apache.org/thread.html/r7f21ab40a9b17b1a703db84ac56773fcabacd4cc1eb5c4700d17c071%40%3Cissues.lucene.apache.org%3E\"}, {\"name\": \"[druid-commits] 20210324 [GitHub] [druid] jihoonson opened a new pull request #11030: Suppress cves\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"], \"url\": \"https://lists.apache.org/thread.html/r1d4a247329a8478073163567bbc8c8cb6b49c6bfc2bf58153a857af1%40%3Ccommits.druid.apache.org%3E\"}]}, {\"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2019-17558\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-06T21:05:04.665287Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2021-11-03\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-17558\"}}}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-17558\", \"tags\": [\"government-resource\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-74\", \"description\": \"CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-06T21:04:50.104Z\"}, \"timeline\": [{\"time\": \"2021-11-03T00:00:00+00:00\", \"lang\": \"en\", \"value\": \"CVE-2019-17558 added to CISA KEV\"}], \"title\": \"CISA ADP Vulnrichment\"}]}",
"cveMetadata": "{\"assignerOrgId\": \"f0158376-9dc2-43b6-827c-5f631a4d8d09\", \"assignerShortName\": \"apache\", \"cveId\": \"CVE-2019-17558\", \"datePublished\": \"2019-12-30T16:36:08.000Z\", \"dateReserved\": \"2019-10-14T00:00:00.000Z\", \"dateUpdated\": \"2025-10-21T19:54:42.692Z\", \"state\": \"PUBLISHED\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…