=====================================================================

                                  CERT-Renater

                      Information Note No. 2024/VULN034
_____________________________________________________________________

DATE                : 16/01/2024

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running Apache Solr versions prior to
                     9.3.0.

=====================================================================
https://solr.apache.org/news.html
https://issues.apache.org/jira/browse/SOLR-16808
_____________________________________________________________________

12 January 2024, CVE-2023-50290: Apache Solr allows read access to
host environment variables

Severity:
Important


Versions Affected:
Solr 9.0 to 9.2.1


Description:
Exposure of Sensitive Information to an Unauthorized Actor
vulnerability in Apache Solr. The Solr Metrics API publishes all
unprotected environment variables available to each Apache Solr
instance. Users can specify which environment variables to hide;
however, the default hide list is designed for known secret Java
system properties. Environment variables cannot be strictly defined
in Solr the way Java system properties can be, and they may be set
for the entire host, whereas Java system properties are set per
Java process.

The Solr Metrics API is protected by the "metrics-read" permission.
Therefore, Solr Clouds with Authorization configured are only
vulnerable to users who hold the "metrics-read" permission.


Mitigation:
Users are recommended to upgrade to version 9.3.0 or later, in
which environment variables are not published via the Metrics API.
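
The following audit script is an added example written for this note;
it is not CERT-Renater's or the Apache Solr project's code. It covers
both the description above (which environment variable names the
Metrics API publishes) and the mitigation (whether the running version
falls in the affected 9.0 to 9.2.1 range). It assumes the Metrics API
reports environment variables under a "system.env" key inside the
"solr.jvm" metrics group; that key name and the sample response below
are assumptions, not values taken from the advisory. Only variable
names are reported, never values.

```python
"""Audit helpers for CVE-2023-50290 (Solr Metrics API exposing env vars).

Added example, not CERT-Renater's or the Solr project's code. Assumes
that exposed variables appear under a "system.env" key in the
"solr.jvm" group of a Metrics API JSON response (assumption: the
advisory does not give the key name).
"""
import json
import re
from typing import Dict, List, Tuple

# Constructed sample of a Metrics API response; the layout is an
# assumption and the values are placeholders, not real secrets.
SAMPLE_METRICS_JSON = json.dumps({
    "responseHeader": {"status": 0, "QTime": 3},
    "metrics": {
        "solr.jvm": {
            "system.properties": {"java.version": "17.0.9"},
            "system.env": {
                "PATH": "/usr/bin:/bin",
                "SOLR_HOME": "/var/solr/data",
                "AWS_SECRET_ACCESS_KEY": "placeholder-not-real",
                "DB_PASSWORD": "placeholder-not-real",
            },
        }
    },
})

# Heuristic: variable names that usually denote secrets. It will also
# flag harmless names such as KEYBOARD; treat hits as worth a look,
# not as proof of a leak.
SECRET_NAME_RE = re.compile(
    r"(PASS|PASSWORD|SECRET|TOKEN|KEY|CREDENTIAL)", re.IGNORECASE)


def parse_version(version: str) -> Tuple[int, ...]:
    """Turn '9.2.1' into (9, 2, 1); missing components count as zero."""
    parts = [int(p) for p in re.findall(r"\d+", version)[:3]]
    return tuple(parts + [0] * (3 - len(parts)))


def is_affected(version: str) -> bool:
    """Affected range from the advisory: Solr 9.0 up to and including 9.2.1."""
    return (parse_version("9.0.0")
            <= parse_version(version)
            <= parse_version("9.2.1"))


def find_env_exposure(metrics_body: str) -> Dict[str, List[str]]:
    """Walk a Metrics API JSON body and return the names of any
    environment variables it publishes, split into 'suspicious'
    (secret-looking names) and 'other'. Values are discarded."""
    doc = json.loads(metrics_body)
    exposed: List[str] = []

    def walk(node) -> None:
        if isinstance(node, dict):
            for key, val in node.items():
                if key == "system.env" and isinstance(val, dict):
                    exposed.extend(val.keys())
                else:
                    walk(val)
        elif isinstance(node, list):
            for item in node:
                walk(item)

    walk(doc.get("metrics", doc))
    suspicious = sorted(n for n in exposed if SECRET_NAME_RE.search(n))
    other = sorted(n for n in exposed if not SECRET_NAME_RE.search(n))
    return {"suspicious": suspicious, "other": other}


def audit(version: str, metrics_body: str) -> List[str]:
    """Combine the version check and the exposure check into findings."""
    findings: List[str] = []
    if is_affected(version):
        findings.append(
            f"Solr {version} is in the affected range 9.0-9.2.1; "
            "upgrade to 9.3.0 or later")
    report = find_env_exposure(metrics_body)
    if report["suspicious"]:
        findings.append(
            "Metrics API publishes secret-looking environment variables: "
            + ", ".join(report["suspicious"]))
    elif report["other"]:
        findings.append(
            "Metrics API publishes environment variable names: "
            + ", ".join(report["other"]))
    return findings


if __name__ == "__main__":
    for finding in audit("9.2.1", SAMPLE_METRICS_JSON):
        print(finding)
```

To run it against a live instance, fetch the JVM group of the Metrics
API with an account that holds "metrics-read" (for example
`curl -u user:pass 'http://host:8983/solr/admin/metrics?group=jvm&wt=json'`)
and pass the response body to `audit` together with the version string.
After upgrading to 9.3.0, `find_env_exposure` should return two empty
lists, which is the quickest way to confirm the mitigation took effect.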


References:
JIRA - SOLR-15233
CVE - CVE-2023-50290

=========================================================
+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |   email:cert@support.renater.fr +
=========================================================
