Relative Path Traversal

CVE-2024-52012

High

8.7/10

Summary

Relative Path Traversal vulnerability in Apache Solr. Solr instances running on Windows are vulnerable to arbitrary filepath write-access, due to a lack of input-sanitation in the "configset upload" API. Commonly known as a "zipslip", maliciously constructed ZIP files can use relative filepaths to write data to unanticipated parts of the file system. This issue affects org.apache.solr:solr-core package versions 6.6.0 through 9.7.0. Users are recommended to upgrade to version 9.8.0, which fixes the issue. Users unable to upgrade may also safely prevent the issue by using Solr's "Rule-Based Authentication Plugin" to restrict access to the "configset" upload API, so that it can only be accessed by a trusted set of "administrators/users".

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: LOW
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: LOW
Confidentiality Impact: LOW
Availability Impact: NONE

CWE-23 - Relative Path Traversal

The software uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such as ".." that can resolve to a location that is outside of that directory.

References

Advisory Timeline

Published Jan 27, 2025

Relative Path Traversal

CVE-2024-52012

Summary

CWE-23 - Relative Path Traversal

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS