CVE-2017-3163

high

Published 2017-08-30 · Modified 2023-11-08

CVSS v3

7.5

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVSS v2

5.0

VIR risk

7.5

Description

When using the Index Replication feature, Apache Solr nodes can pull index files from a master/leader node using an HTTP API which accepts a file name. However, Solr before 5.5.4 and 6.x before 6.4.1 did not validate the file name, hence it was possible to craft a special request involving path traversal, leaving any file readable to the Solr server process exposed. Solr servers protected and restricted by firewall rules and/or authentication would not be at risk since only trusted clients and users would gain direct HTTP access.

Predictions

Exploit likelihood

83%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2017-3163

OS impact

OS	Version	Status	Fixed in
debian	bookworm	fixed	`3.6.2+dfsg-11`
debian	bullseye	fixed	`3.6.2+dfsg-11`
debian	forky	fixed	`3.6.2+dfsg-11`
debian	sid	fixed	`3.6.2+dfsg-11`
debian	trixie	fixed	`3.6.2+dfsg-11`

Package impact

Ecosystem	Package	Vulnerable	Fixed
Maven	org.apache.solr:solr-core	`<5.5.4`	`5.5.4`
Maven	org.apache.solr:solr-core	`>=6.0.0,<6.4.1`	`6.4.1`

Application impact

Vendor	Product	Versions
apache	solr	`{"endIncluding":"5.5.3"}`
apache	solr	`6.0.0`
apache	solr	`6.0.1`
apache	solr	`6.1.0`
apache	solr	`6.2.0`
apache	solr	`6.2.1`
apache	solr	`6.3.0`
apache	solr	`6.4.0`

References

CWEs

CWE-22

Verify integrity in audit chain (admin only). AS-IS.