Is CVE-2019-12409 being actively exploited?

It is not currently in CISA's KEV catalog. Its EPSS exploitation probability is 22%.

What products does CVE-2019-12409 affect?

Tracked products affected include Apache Solr. Check the version you run to see whether it is affected.

How do I fix CVE-2019-12409?

Apply the vendor fix promptly. Upgrade affected products to a fixed version.

CVE-2019-12409

Q: What is CVE-2019-12409?

CVE-2019-12409 is a critical-severity software vulnerability (Unrestricted file upload) with a CVSS score of 9.8. The 8.1.1 and 8.2.0 releases of Apache Solr contain an insecure setting for the ENABLE_REMOTE_JMX_OPTS configuration option in the default solr.in.sh configuration file shipping with Solr. If you use the default solr.in.sh file from the aff

CRITICAL severity · CVSS 9.8 · Unrestricted file upload

9.8CVSS CRITICAL

Summary

The 8.1.1 and 8.2.0 releases of Apache Solr contain an insecure setting for the ENABLE_REMOTE_JMX_OPTS configuration option in the default solr.in.sh configuration file shipping with Solr. If you use the default solr.in.sh file from the affected releases, then JMX monitoring will be enabled and exposed on RMI_PORT (default=18983), without any authentication. If this port is opened for inbound traffic in your firewall, then anyone with network access to your Solr nodes will be able to access JMX, which may in turn allow them to upload malicious code for execution on the Solr server.

Impact & exploitability

Attack vectorNetwork

Attack complexityLow

Privileges requiredNone

User interactionNone

Confidentiality impactHigh

Integrity impactHigh

Availability impactHigh

Exploit probability (EPSS)22%

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products we track (1)

Apache Solr

Recommendation

Apply the vendor fix promptly. Open any affected product above for its exact safe version.

CVE-2019-12409

Summary

Impact & exploitability

Affected products we track (1)

Recommendation

Additional information