4.3

CVSS Score

3.1

Basic Information

CVE ID

CVE-2018-11802

GHSA ID

GHSA-j346-h5wc-rw2m

EPSS Score

0.36552%

CWE

CWE-863

Published

2/9/2022

Updated

2/1/2023

KEV Status

Technology

Java

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2018-11802

CVE-2018-11802: Incorrect Authorization in Apache Solr

In Apache Solr, the cluster can be partitioned into multiple collections and only a subset of nodes actually host any given collection. However, if a node receives a request for a collection it does not host, it proxies the request to a relevant node and serves the request. Solr bypasses all authorization settings for such requests. This affects all Solr versions prior to 7.7 that use the default authorization mechanism of Solr (RuleBasedAuthorizationPlugin).

(GitHub Advisory)

4.3

CVSS Score

3.1

Basic Information

CVE ID

CVE-2018-11802

GHSA ID

GHSA-j346-h5wc-rw2m

EPSS Score

0.36552%

CWE

CWE-863

Published

2/9/2022

Updated

2/1/2023

KEV Status

Technology

Java

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
org.apache.solr:solr-parent	maven	< 7.7.0	7.7.0
org.apache.solr:solr-core	maven	< 7.7.0	7.7.0

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stems from missing authorization checks when proxying requests between nodes. Key functions involved would be:

The request dispatcher (SolrDispatchFilter) that routes requests without authorization
The authorization plugin that is bypassed
Collection handlers that process proxied operations

Though exact patch details are unavailable, the vulnerability description explicitly states that proxied requests bypass RuleBasedAuthorizationPlugin checks. The functions above represent the most likely execution path where authorization should be applied but wasn't in vulnerable versions. Confidence is medium due to inference from architectural patterns rather than direct patch analysis.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

In *p**** Solr, t** *lust*r **n ** p*rtition** into multipl* *oll**tions *n* only * su*s*t o* no**s **tu*lly *ost *ny *iv*n *oll**tion. *ow*v*r, i* * no** r***iv*s * r*qu*st *or * *oll**tion it *o*s not *ost, it proxi*s t** r*qu*st to * r*l*v*nt no**

Reasoning

T** vuln*r**ility st*ms *rom missin* *ut*oriz*tion ****ks w**n proxyin* r*qu*sts **tw**n no**s. K*y *un*tions involv** woul* **: *. T** r*qu*st *isp*t***r (Solr*isp*t***ilt*r) t**t rout*s r*qu*sts wit*out *ut*oriz*tion *. T** *ut*oriz*tion plu*in t*

4.3

Basic Information

Concerned about an active attack path?

CVE-2018-11802: Incorrect Authorization in Apache Solr

4.3

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI