漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Misapplied Zookeeper ACLs can result in leakage of configured authentication and authorization settings
Vulnerability Description
When starting Apache Solr versions prior to 8.8.2, configured with the SaslZkACLProvider or VMParamsAllAndReadonlyDigestZkACLProvider and no existing security.json znode, if the optional read-only user is configured then Solr would not treat that node as a sensitive path and would allow it to be readable. Additionally, with any ZkACLProvider, if the security.json is already present, Solr will not automatically update the ACLs.
CVSS Information
N/A
Vulnerability Type
不充分的凭证保护机制
Vulnerability Title
Apache Solr 安全漏洞
Vulnerability Description
Apache Solr是美国阿帕奇(Apache)基金会的一款基于Lucene(一款全文搜索引擎)的搜索服务器。该产品支持层面搜索、垂直搜索、高亮显示搜索结果等。 Apache Solr 8.8.2 之前版本存在安全漏洞,该漏洞源于SaslZkACLProvider或VMParamsAllAndReadonlyDigestZkACLProvider配置,没有现有的安全性。
CVSS Information
N/A
Vulnerability Type
N/A