Apache Solr Remote Code Execution Vulnerability Due to Default Configuration (CVE-2019-12409)

Apache has released a security update to fix a remote code execution vulnerability in Solr, tracked as CVE-2019-12409. The flaw arises due to a default insecure parameter in the solr.in.sh configuration file, which was shipped with affected Solr versions. Description: CVE-2019-12409 was first reported in July 2019. A week ago, security researcher demonstrated that the … Continue reading “Apache Solr Remote Code Execution Vulnerability Due to Default Configuration (CVE-2019-12409)”