CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2024-52012: Apache Solr: Configset upload on Windows allows arbitrary path write-access

Description

Relative Path Traversal vulnerability in Apache Solr.

Solr instances running on Windows are vulnerable to arbitrary filepath write-access, due to a lack of input-sanitation in the "configset upload" API. Commonly known as a "zipslip", maliciously constructed ZIP files can use relative filepaths to write data to unanticipated parts of the filesystem.
This issue affects Apache Solr: from 6.6 through 9.7.0.

Users are recommended to upgrade to version 9.8.0, which fixes the issue. Users unable to upgrade may also safely prevent the issue by using Solr's "Rule-Based Authentication Plugin" to restrict access to the configset upload API, so that it can only be accessed by a trusted set of administrators/users.

Classification

CVE ID: CVE-2024-52012

Affected Products

Vendor: Apache Software Foundation

Product: Apache Solr

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 11.72% (scored less or equal to compared to others)

EPSS Date: 2025-02-25 (when was this score calculated)

References

https://lists.apache.org/thread/yp39pgbv4vf1746pf5yblz84lv30vfxd

Timeline

2025-01-27 18:15:17 UTC
Github Advisory Database (Maven)

[org.apache.solr:solr-core] Apache Solr Relative Path Traversal vulnerability
2025-01-28 00:30:24 UTC
CVE

Apache Solr: Configset upload on Windows allows arbitrary path write-access