CVE-2024-45216: Critical Authentication Bypass Vulnerability Patched in Apache Solr
Apache Solr, a highly reliable and scalable search platform powering the search functionalities of some of the world’s largest internet sites, has been the target of two newly disclosed security vulnerabilities, CVE-2024-45216 and CVE-2024-45217. These vulnerabilities present serious risks for organizations running affected Solr instances, potentially exposing them to authentication bypasses and unauthorized code execution.
The critical vulnerability, tracked as CVE-2024-45216, affects Solr instances using the PKIAuthenticationPlugin, which is enabled by default when Solr Authentication is used.
“A fake ending at the end of any Solr API URL path, will allow requests to skip Authentication while maintaining the API contract with the original URL Path,” the advisory explains. “This fake ending looks like an unprotected API path, however it is stripped off internally after authentication but before API routing.”
This flaw could allow attackers to execute commands and access data without proper credentials, potentially leading to data breaches and system compromise.
A second vulnerability, CVE-2024-45217, rated as “Moderate,” involves the insecure initialization of ConfigSets during a backup restore command. This could allow attackers to create “trusted” ConfigSets that can load custom code, potentially leading to remote code execution.
“New ConfigSets that are created via a Restore command, which copy a configSet from the backup and give it a new name, are created without setting the ‘trusted’ metadata,” the advisory states.
Mitigation
Users are urged to upgrade to Apache Solr 9.7.0 or 8.11.4 to address these vulnerabilities. The advisory also recommends enabling authentication and authorization for all Solr instances.
“Users are primarily recommended to use Authentication and Authorization when running Solr,” the project emphasizes.
