CVE-2023-50292 : Incorrect Permission Assignment for Critical Resource, Improper Control of Dynam

Incorrect Permission Assignment for Critical Resource, Improper Control of Dynamically-Managed Code Resources vulnerability in Apache Solr. This issue affects Apache Solr: from 8.10.0 through 8.11.2, from 9.0.0 before 9.3.0. The Schema Designer was introduced to allow users to more easily configure and test new Schemas and configSets. However, when the feature was created, the "trust" (authentication) of these configSets was not considered. External library loading is only available to configSets that are "trusted" (created by authenticated users), thus non-authenticated users are unable to perform Remote Code Execution. Since the Schema Designer loaded configSets without taking their "trust" into account, configSets that were created by unauthenticated users were allowed to load external libraries when used in the Schema Designer. Users are recommended to upgrade to version 9.3.0, which fixes the issue.

Published 2024-02-09 18:15:08

Updated 2025-05-15 20:15:28

Source Apache Software Foundation

View at NVD, CVE.org

Vulnerability category: Execute code

Products affected by CVE-2023-50292

Apache » Solr
Versions from including (>=) 9.0.0 and before (<) 9.4.1
cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*
Matching versions
Apache » Solr
Versions from including (>=) 6.0.0 and before (<) 8.11.3
cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2023-50292

EPSS FAQ

33.79%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 97 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2023-50292

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
7.5	HIGH	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N	3.9	3.6	134c704f-9b21-4f2e-91b3-4a467353bcc0	2025-05-15
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: None Availability: None
7.5	HIGH	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N	3.9	3.6	NIST	2024-02-15
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: None Availability: None
6.5	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N	N/A	N/A	RedHat-CVE-2023-50292	2024-02-10
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: Low Integrity: Low Availability: None

CWE ids for CVE-2023-50292

CWE-732 Incorrect Permission Assignment for Critical Resource

The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

Assigned by: security@apache.org (Secondary)

References for CVE-2023-50292

http://www.openwall.com/lists/oss-security/2024/02/09/3

oss-security - CVE-2023-50292: Apache Solr: Solr Schema Designer blindly "trusts" all configsets, possibly leading to RCE by unauthenticated users
Mailing List

CVEs referencing this url
https://solr.apache.org/security.html#cve-2023-50298-apache-solr-can-expose-zookeeper-credentials-via-streaming-expressions

Solr™ Security News - Apache Solr
Vendor Advisory

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2023-50292

Products affected by CVE-2023-50292

Exploit prediction scoring system (EPSS) score for CVE-2023-50292

CVSS scores for CVE-2023-50292

CWE ids for CVE-2023-50292

References for CVE-2023-50292