CVE-2017-7660

{"id": "CVE-2017-7660", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2017-07-07T19:29:00.197", "references": [{"url": "http://mail-archives.us.apache.org/mod_mbox/www-announce/201707.mbox/%3CCAOOKt53EgrybaD%2BiSn-nBbvFdse-szhg%3DhMoDZuvUvyMme-Z%3Dg%40mail.gmail.com%3E", "tags": ["Mailing List", "Vendor Advisory"], "source": "security@apache.org"}, {"url": "http://www.securityfocus.com/bid/99485", "tags": ["Third Party Advisory", "VDB Entry"], "source": "security@apache.org"}, {"url": "https://security.netapp.com/advisory/ntap-20181127-0003/", "source": "security@apache.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-287"}]}], "descriptions": [{"lang": "en", "value": "Apache Solr uses a PKI based mechanism to secure inter-node communication when security is enabled. It is possible to create a specially crafted node name that does not exist as part of the cluster and point it to a malicious node. This can trick the nodes in cluster to believe that the malicious node is a member of the cluster. So, if Solr users have enabled BasicAuth authentication mechanism using the BasicAuthPlugin or if the user has implemented a custom Authentication plugin, which does not implement either \"HttpClientInterceptorPlugin\" or \"HttpClientBuilderPlugin\", his/her servers are vulnerable to this attack. Users who only use SSL without basic authentication or those who use Kerberos are not affected."}, {"lang": "es", "value": "Apache Solr utiliza un mecanismo basado en PKI para proteger la comunicaci\u00f3n entre nodos cuando la seguridad est\u00e1 habilitada. Es posible crear un nombre de nodo especialmente elaborado que no existe como parte del cl\u00faster y apunta hacia un nodo malicioso. Esto puede enga\u00f1ar a los nodos del cl\u00faster para creer que el nodo malicioso es un miembro del cl\u00faster. Por lo tanto, si los usuarios de Solr han habilitado el mecanismo de autenticaci\u00f3n BasicAuth mediante BasicAuthPlugin o si el usuario ha implementado un complemento de autenticaci\u00f3n personalizado, que no implementa \"HttpClientInterceptorPlugin\" o \"HttpClientBuilderPlugin\", sus servidores son vulnerables a este ataque. Los usuarios que solo utilizan SSL sin autenticaci\u00f3n b\u00e1sica o aquellos que utilizan Kerberos no se ven afectados."}], "lastModified": "2018-11-28T11:29:02.937", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:apache:solr:5.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6A15EC7D-D9FD-4BAF-AB39-3CDF36485557"}, {"criteria": "cpe:2.3:a:apache:solr:5.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B3BE5B93-258A-4CE9-990C-3B8447A6B454"}, {"criteria": "cpe:2.3:a:apache:solr:5.3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1A6ECE67-ED5D-4188-9E67-3B4C91251D20"}, {"criteria": "cpe:2.3:a:apache:solr:5.4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "78C579A3-DBF2-4B9A-9119-DD7854D1B74A"}, {"criteria": "cpe:2.3:a:apache:solr:5.4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FBB5011F-D3B0-4778-9EE6-052EFA99608D"}, {"criteria": "cpe:2.3:a:apache:solr:5.5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F5EABC66-0815-4B89-B0ED-2C44EC20F8DE"}, {"criteria": "cpe:2.3:a:apache:solr:5.5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E79098DA-B7D2-4A8A-9FD8-B1B4330DBA75"}, {"criteria": "cpe:2.3:a:apache:solr:5.5.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3541C154-9A45-4331-8C15-B0BABE388058"}, {"criteria": "cpe:2.3:a:apache:solr:5.5.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F38C7034-7432-4530-8CFC-A04F08300074"}, {"criteria": "cpe:2.3:a:apache:solr:5.5.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0DE8EEE3-1EC6-4277-86CA-6AF6CC5B7928"}, {"criteria": "cpe:2.3:a:apache:solr:6.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "29F3170C-C5D6-431F-A2DD-692636CF5DAB"}, {"criteria": "cpe:2.3:a:apache:solr:6.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BA339070-A2BD-4559-B400-2BC2EB9923A7"}, {"criteria": "cpe:2.3:a:apache:solr:6.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B737CF14-C14A-4D97-B838-47EC4A2C68C8"}, {"criteria": "cpe:2.3:a:apache:solr:6.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "036F935D-B469-47C6-AF5D-3DFC73070753"}, {"criteria": "cpe:2.3:a:apache:solr:6.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "42A1A17A-32EA-40A2-9A1E-6019B493B5C1"}, {"criteria": "cpe:2.3:a:apache:solr:6.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "76557E9C-1F16-44D9-ACA1-F4DAEC966F05"}, {"criteria": "cpe:2.3:a:apache:solr:6.4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DE068A02-D47A-4C6C-BFD3-040385599CA5"}, {"criteria": "cpe:2.3:a:apache:solr:6.4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9CB3F9EB-63DE-4780-A357-FE89D1DB70CA"}, {"criteria": "cpe:2.3:a:apache:solr:6.4.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "099B5DFD-CCD9-4EE7-B49E-77EC286D5F19"}, {"criteria": "cpe:2.3:a:apache:solr:6.5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "745CE558-1411-4356-9B79-2805FB4C80D7"}, {"criteria": "cpe:2.3:a:apache:solr:6.5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F9B41559-4695-467E-B7EA-B9D86127CFD7"}], "operator": "OR"}]}], "sourceIdentifier": "security@apache.org"}