Vulnerability Details : CVE-2019-12401
Solr versions 1.3.0 to 1.4.1, 3.1.0 to 3.6.2 and 4.0.0 to 4.10.4 are vulnerable to an XML resource consumption attack (a.k.a. Lol Bomb) via it’s update handler.?By leveraging XML DOCTYPE and ENTITY type elements, the attacker can create a pattern that will expand when the server parses the XML causing OOMs.
Products affected by CVE-2019-12401
- cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*
- cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*
- cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2019-12401
0.23%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 61 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2019-12401
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
10.0
|
2.9
|
NIST | |
7.5
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.9
|
3.6
|
NIST |
CWE ids for CVE-2019-12401
-
The product uses XML documents and allows their structure to be defined with a Document Type Definition (DTD), but it does not properly control the number of recursive definitions of entities.Assigned by: nvd@nist.gov (Primary)
References for CVE-2019-12401
-
https://lists.apache.org/thread.html/7ab5e95a1a0b4f35ffe53f1eb0cb74b4348b49d41b72ac155b843fa2@%3Cgeneral.lucene.apache.org%3E
[SECURITY] CVE-2019-12401: XML Bomb in Apache Solr versions prior to 5.0 - Pony MailMailing List;Vendor Advisory
-
https://security.netapp.com/advisory/ntap-20190926-0002/
CVE-2019-12401 Apache Solr Vulnerability in NetApp Products | NetApp Product SecurityThird Party Advisory
-
http://mail-archives.us.apache.org/mod_mbox/www-announce/201909.mbox/%3CCAECwjAXU4%3DkAo5DeUJw7Kvk67sgCmajAN7LGZQNjbjZ8gv%3DBdw%40mail.gmail.com%3E
[SECURITY] CVE-2019-12401: XML Bomb in Apache Solr versions prior to 5.0Broken Link;Mailing List;Vendor Advisory
-
https://lists.apache.org/thread.html/db8eaca456d03c00a66cbe37548978318d424b9997e3fd7f5c65dffe@%3Cdev.lucene.apache.org%3E
[jira] [Updated] (SOLR-13750) [CVE-2019-12401] XML Bomb in Apache Solr versions prior to 5.0.0 - Pony MailMailing List;Vendor Advisory
-
https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2019-12401-XML%20Bomb-Apache%20Solr
Disclosures/CVE-2019-12401-XML Bomb-Apache Solr at master · DrunkenShells/Disclosures · GitHubExploit;Third Party Advisory
-
https://lists.apache.org/thread.html/048ae6e4f84a88e8856f766320b48ad91f9fca2c6f621aa2c40088fe@%3Cdev.lucene.apache.org%3E
[SECURITY] CVE-2019-12401: XML Bomb in Apache Solr versions prior to 5.0 - Pony MailMailing List;Vendor Advisory
-
https://lists.apache.org/thread.html/521d10a19bfb590f86dff41820ccfb11e92281f233a12c882650931e@%3Cdev.lucene.apache.org%3E
[jira] [Resolved] (SOLR-13750) [CVE-2019-12401] XML Bomb in Apache Solr versions prior to 5.0.0 - Pony MailMailing List;Vendor Advisory
-
https://lists.apache.org/thread.html/60a924662ead9aeea74e8ea128d9ca935f8de925aa71b15ab2787d6a@%3Csolr-user.lucene.apache.org%3E
[SECURITY] CVE-2019-12401: XML Bomb in Apache Solr versions prior to 5.0 - Pony MailMailing List;Vendor Advisory
-
https://lists.apache.org/thread.html/0ec231c5ed8d242890e21806d25fdd47f80cc47cac278d2fc1c9c579@%3Cdev.lucene.apache.org%3E
[jira] [Commented] (SOLR-13750) [CVE-2019-12401] XML Bomb in Apache Solr versions prior to 5.0.0 - Pony MailMailing List;Vendor Advisory
-
https://lists.apache.org/thread.html/1c92300643f48f13bc59b15e3f886ba62bae1798c7d4c2e5c1ece09b@%3Cannounce.apache.org%3E
[SECURITY] CVE-2019-12401: XML Bomb in Apache Solr versions prior to 5.0 - Pony MailMailing List;Vendor Advisory
-
http://www.openwall.com/lists/oss-security/2019/09/10/1
oss-security - [SECURITY] CVE-2019-12401: XML Bomb in Apache Solr versions prior to 5.0Mailing List;Third Party Advisory
Jump to