Forum Discussion

snarang's avatar
snarang
Product Team
6 years ago

Apache Solr Remains Vulnerable to Zero Day Remote Code...

Apache Solr Remains Vulnerable to Zero Day Remote Code Execution Flaw Late last month, a proof of concept (PoC) for a remote code execution (RCE) vulnerability in the Velocity Response Writer plugin...
Cyber Exposure Alerts
jones_bryan's avatar
jones_bryan
Connect Contributor
6 years ago

Interesting post. ​Any update on when a plugin will be released for this?

snarang's avatar
snarang
Product Team
6 years ago

Hi @Bryan Jones​,

A plugin is expected to be released within the next day. There is a link on the blog to the plugin search page, which currently shows no results. There should be a result by tomorrow. For reference, here's the link.

Regards,

Satnam

  • jones_bryan's avatar
    jones_bryan
    Connect Contributor
    6 years ago

    ​Thanks, for the update. I still don't see a plugin listed for it.

  • snarang's avatar
    snarang
    Product Team
    6 years ago

    Hi @Bryan Jones​,

    Apologies for the delay. I followed-up with my colleagues on this one and because of an issue, the release of this plugin was pushed back. I've informed them about your inquiry and was told it should be released in the coming days. Rather than have you wait, I will respond back to this thread once I get confirmation the plugin is out.

    Thanks for your patience.

    Regards,

    Satnam

  • snarang's avatar
    snarang
    Product Team
    6 years ago

    Hi @Bryan Jones​,

    I just wanted to let you know that the plugin is available. It appears that there is an issue with the link in the blog, which I'm going to get fixed. In the meantime, you can identify this vulnerability using the following plugin:

    https://www.tenable.com/plugins/nessus/131734

    Let me know if you have any other questions.

    Regards,

    Satnam

Recent Discussions