SID 1:51683

Report a false positive

Rule Category

POLICY-OTHER --

Alert Message

POLICY-OTHER Apache Solr DataImportHandler arbitrary dataConfig import attempt

Rule Explanation

This event is generated when some user attempts to upload an arbitrary dataConfig file to Apache Solr. Impact: Potential Corporate Privacy Violation Details: This rule checks for ALL attempts to upload an arbitrary dataConfig file to Apache Solr's DataImportHandler function. Ease of Attack:

What To Look For

No information provided

Known Usage

No public information

False Positives

Known false positives, with the described conditions

This rule will alert on all attempts to to upload some arbitrary DIH config file to the DataImportHandler function. The ability to use this dataConfig import function is disabled by default.

Contributors

Cisco Talos Intelligence Group

Rule Groups

No rule groups

CVE

CVE-2019-0193

Additional Links

issues.apache.org/jira/browse/SOLR-13669

Rule Vulnerability

CVE Additional Information

This product uses data from the NVD API but is not endorsed or certified by the NVD.
CVE-2019-0193
 Loading description