1. Home
  2. CVEs with refmap.mlist==[lucene-dev] 20190320 [jira] [Issue Comment Deleted] (SOLR-13301) [CVE-2019-0192] Deserialization of untrusted data via jmx.serviceUrl
Max CVSS 7.5 Min CVSS 7.5 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2019-0192 7.5
In Apache Solr versions 5.0.0 to 5.5.5 and 6.0.0 to 6.6.5, the Config API allows to configure the JMX server via an HTTP POST request. By pointing it to a malicious RMI server, an attacker could take advantage of Solr's unsafe deserialization to trig
09-12-2020 - 11:15 07-03-2019 - 21:29
Back to Top Mark selected
Back to Top