Skip to main content

Smile On Fridays secured coverage on CBR for Tenable

Experts Expect “Aggressive Exploitation” of Two Apache Solr Vulnerabilities

As Columbia-based security firm Tenable noted, on October 29, a PoC for another RCE vulnerability in Apache Solr, was published as a GitHub Gist (code snippets published to GitHub). Tenable’s Satnam Narang said: “At the time this blog was published, this vulnerability did not have a CVE identifier and no confirmation or indication of a solution available from Apache. Tenable Research has confirmed that Apache Solr versions 7.7.2 through 8.3 (the most current release) are vulnerable, and we suspect older versions that include the Config API are potentially vulnerable.”

Button Text