Vulnerability Details : CVE-2020-13957
Apache Solr versions 6.6.0 to 6.6.6, 7.0.0 to 7.7.3 and 8.0.0 to 8.6.2 prevents some features considered dangerous (which could be used for remote code execution) to be configured in a ConfigSet that's uploaded via API without authentication/authorization. The checks in place to prevent such features can be circumvented by using a combination of UPLOAD/CREATE actions.
Vulnerability category: Execute code
Products affected by CVE-2020-13957
- cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*
- cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*
- cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2020-13957
71.79%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 98 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2020-13957
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST | |
9.8
|
CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST |
CWE ids for CVE-2020-13957
-
The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.Assigned by: nvd@nist.gov (Primary)
References for CVE-2020-13957
-
https://lists.apache.org/thread.html/r5557641fcf5cfd99260a7037cfbc8788fb546b72c98a900570edaa2e@%3Cissues.lucene.apache.org%3E
[GitHub] [lucene-site] tflobbe opened a new pull request #32: Publish: Add CVE-2020-13957 page (#31) - Pony MailMailing List;Vendor Advisory
-
https://lists.apache.org/thread.html/r999f828e6e37d9e825e207471cbfd2681c3befcd7f3abd59ed87c0d5@%3Cissues.bigtop.apache.org%3E
[jira] [Created] (BIGTOP-3507) Solr: CVE-2020-13957 mitigation backport - Pony MailMailing List;Vendor Advisory
-
https://lists.apache.org/thread.html/r1d4a247329a8478073163567bbc8c8cb6b49c6bfc2bf58153a857af1@%3Ccommits.druid.apache.org%3E
[GitHub] [druid] jihoonson opened a new pull request #11030: Suppress cves - Pony MailMailing List;Vendor Advisory
-
https://lists.apache.org/thread.html/r622a043c2890327f8a4aea16b131e8a7137a282a004614369fceb224@%3Cdev.bigtop.apache.org%3E
[GitHub] [bigtop] JunHe77 commented on pull request #743: BIGTOP-3507: CVE-2020-13957 mitigation backport - Pony MailMailing List;Vendor Advisory
-
https://lists.apache.org/thread.html/r853fdc6d0b91d5e01a26c7bd5becb044ad775a231703d634ca5d55c9@%3Cissues.lucene.apache.org%3E
[jira] [Updated] (SOLR-14925) CVE-2020-13957: The checks added to unauthenticated configset uploads can be circumvented - Pony MailMailing List;Vendor Advisory
-
https://lists.apache.org/thread.html/r3da9895cea476bcee2557531bebd4e8f6f367dc3ea900a65e2f51cd8@%3Cissues.bigtop.apache.org%3E
Pony Mail!Mailing List;Vendor Advisory
-
https://mail-archives.us.apache.org/mod_mbox/www-announce/202010.mbox/%3CCAECwjAWCVLoVaZy%3DTNRQ6Wk9KWVxdPRiGS8NT%2BPHMJCxbbsEVg%40mail.gmail.com%3E
Mailing List;Vendor Advisory
-
https://lists.apache.org/thread.html/r2236fdf99ac3efbfc36c2df96d3a88f822baa6f45e13fec7ff558e34@%3Cdev.bigtop.apache.org%3E
[jira] [Created] (BIGTOP-3507) Solr: CVE-2020-13957 mitigation backport - Pony MailMailing List;Vendor Advisory
-
https://lists.apache.org/thread.html/r3d1e24a73e6bffa1d6534e1f34c8f5cbd9999495e7d933640f4fa0ed@%3Cissues.lucene.apache.org%3E
[GitHub] [lucene-site] tflobbe commented on pull request #32: Publish: Add CVE-2020-13957 page (#31) - Pony MailMailing List;Vendor Advisory
-
https://lists.apache.org/thread.html/r226c1112bb41e7cd427862d875eff9877a20a40242c2542f4dd39e4a@%3Cissues.lucene.apache.org%3E
[jira] [Updated] (SOLR-14925) CVE-2020-13957: The checks added to unauthenticated configset uploads can be circumvented - Pony MailMailing List;Vendor Advisory
-
https://lists.apache.org/thread.html/r4ca8ba5980d9049cf3707798aa3116ee76c1582f171ff452ad2ca75e@%3Cissues.lucene.apache.org%3E
[GitHub] [lucene-site] tflobbe opened a new pull request #31: Add CVE-2020-13957 page - Pony MailMailing List;Vendor Advisory
-
https://lists.apache.org/thread.html/rb2f1c7fd3d3ea719dfac4706a80e6affddecae8663dda04e1335347f@%3Ccommits.bigtop.apache.org%3E
[bigtop] branch master updated: BIGTOP-3507: CVE-2020-13957 mitigation backport (#743) - Pony MailMailing List;Vendor Advisory
-
https://lists.apache.org/thread.html/r8b1782d42d0a4ce573495d5d9345ad328d652c68c411ccdb245c57e3@%3Cissues.lucene.apache.org%3E
[jira] [Commented] (SOLR-14925) CVE-2020-13957: The checks added to unauthenticated configset uploads can be circumvented - Pony MailMailing List;Vendor Advisory
-
https://lists.apache.org/thread.html/rb1de6ba50a468e9baff32a249edaa08f6bcec7dd7cc208e25e6b48c8@%3Cissues.bigtop.apache.org%3E
[jira] [Assigned] (BIGTOP-3507) Solr: CVE-2020-13957 mitigation backport - Pony MailMailing List;Vendor Advisory
-
https://lists.apache.org/thread.html/r7512ae552cd9d14ab8b1bc0a7e95f2ec52ae85364f068d4034398ede@%3Cissues.lucene.apache.org%3E
[GitHub] [lucene-site] tflobbe merged pull request #31: Add CVE-2020-13957 page - Pony MailMailing List;Vendor Advisory
-
https://lists.apache.org/thread.html/r2a6600fe9afd502c04d26fd112823ec3f3c3ad1b4a289d10567a78a0@%3Cdev.bigtop.apache.org%3E
[GitHub] [bigtop] iwasakims merged pull request #743: BIGTOP-3507: CVE-2020-13957 mitigation backport - Pony MailMailing List;Vendor Advisory
-
https://lists.apache.org/thread.html/r13a728994c60be5b5a7049282b5c926dac1fc6a9a0b2362f6adfa573@%3Cissues.lucene.apache.org%3E
[GitHub] [lucene-site] tflobbe closed pull request #32: Publish: Add CVE-2020-13957 page (#31) - Pony MailMailing List;Vendor Advisory
-
https://security.netapp.com/advisory/ntap-20201023-0002/
CVE-2020-13957 Apache Solr Vulnerability in NetApp Products | NetApp Product SecurityThird Party Advisory
-
https://lists.apache.org/thread.html/r1c783d3d81ba62f3381a17a4d6c826f7dead3a132ba42349c90df075@%3Ccommits.lucene.apache.org%3E
[lucene-site] branch master updated: Add CVE-2020-13957 page (#31) - Pony MailMailing List;Patch;Vendor Advisory
-
https://lists.apache.org/thread.html/r2f8d33a4de07db9459fb2a98a1cd39747066137636b53f84a13e5628@%3Cissues.lucene.apache.org%3E
Pony Mail!Mailing List;Vendor Advisory
-
https://lists.apache.org/thread.html/rf1a32f00017e83ff29a74be2de02e28e4302dddb5f14c624e297a8c0@%3Cdev.bigtop.apache.org%3E
[GitHub] [bigtop] JunHe77 opened a new pull request #743: BIGTOP-3507: CVE-2020-13957 mitigation backport - Pony MailMailing List;Vendor Advisory
-
https://lists.apache.org/thread.html/r9d7356f209ee30d702b6a921c866564eb2e291b126640c7ab70feea7@%3Ccommits.lucene.apache.org%3E
[lucene-site] 02/02: Add CVE-2020-13957 page (#31) - Pony MailMailing List;Patch;Vendor Advisory
Jump to