UBUNTU-CVE-2025-24814

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2025-24814

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2025/UBUNTU-CVE-2025-24814.json

JSON Data

https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2025-24814

Related

CVE-2025-24814

Published

2025-01-27T09:15:00Z

Modified

2025-01-29T16:32:56Z

Summary

[none]

Details

Core creation allows users to replace "trusted" configset files with arbitrary configuration Solr instances that (1) use the "FileSystemConfigSetService" component (the default in "standalone" or "user-managed" mode), and (2) are running without authentication and authorization are vulnerable to a sort of privilege escalation wherein individual "trusted" configset files can be ignored in favor of potentially-untrusted replacements available elsewhere on the filesystem. These replacement config files are treated as "trusted" and can use "<lib>" tags to add to Solr's classpath, which an attacker might use to load malicious code as a searchComponent or other plugin. This issue affects all Apache Solr versions up through Solr 9.7. Users can protect against the vulnerability by enabling authentication and authorization on their Solr clusters or switching to SolrCloud (and away from "FileSystemConfigSetService"). Users are also recommended to upgrade to Solr 9.8.0, which mitigates this issue by disabling use of "<lib>" tags by default.

References

Affected packages

Ubuntu:Pro:14.04:LTS / lucene-solr

Package

Name: lucene-solr
Purl: pkg:deb/ubuntu/lucene-solr@3.6.2+dfsg-2ubuntu0.1~esm2?arch=source&distro=esm-infra-legacy/trusty

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.6.2+dfsg-1

3.6.2+dfsg-2

3.6.2+dfsg-2ubuntu0.1~esm1

3.6.2+dfsg-2ubuntu0.1~esm2

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:Pro:16.04:LTS / lucene-solr

Package

Name: lucene-solr
Purl: pkg:deb/ubuntu/lucene-solr@3.6.2+dfsg-8ubuntu0.1?arch=source&distro=esm-apps/xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.6.2+dfsg-7

3.6.2+dfsg-8

3.6.2+dfsg-8ubuntu0.1

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:Pro:18.04:LTS / lucene-solr

Package

Name: lucene-solr
Purl: pkg:deb/ubuntu/lucene-solr@3.6.2+dfsg-18~18.04?arch=source&distro=esm-apps/bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.6.2+dfsg-10

3.6.2+dfsg-11

3.6.2+dfsg-18~18.04

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:20.04:LTS / lucene-solr

Package

Name: lucene-solr
Purl: pkg:deb/ubuntu/lucene-solr@3.6.2+dfsg-22?arch=source&distro=focal

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.6.2+dfsg-20

3.6.2+dfsg-22

Ecosystem specific

{
    "ubuntu_priority": "medium"
}

Ubuntu:22.04:LTS / lucene-solr

Package

Name: lucene-solr
Purl: pkg:deb/ubuntu/lucene-solr@3.6.2+dfsg-24?arch=source&distro=jammy

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.6.2+dfsg-24

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "binary_version": "3.6.2+dfsg-24",
            "binary_name": "liblucene3-contrib-java"
        },
        {
            "binary_version": "3.6.2+dfsg-24",
            "binary_name": "liblucene3-java"
        }
    ]
}