This host is installed with Apache Solr and is prone to xml external entity vulnerability.
Successful exploitation will allow remote attackers to gain potentially sensitive information, cause denial of service and potentially perform other more advanced XXE attacks. Impact Level: Application
Upgrade to Apache Solr version 4.1 or later. For updates refer to http://lucene.apache.org/solr
The flaw is due to error in 'UpdateRequestHandler' and 'XPathEntityProcessor' when parsing XML entities.
Apache Solr before version 4.1
Get the installed version with the help of detect NVT and check the version is vulnerable or not.
Updated on 2017-03-28
- AstroSPACES profile.php SQL Injection Vulnerability
- ASAS Server End User Self Service (EUSS) SQL Injection Vulnerability
- AjaXplorer zoho plugin Directory Traversal Vulnerability
- Apache Tomcat/JBoss EJBInvokerServlet / JMXInvokerServlet (RMI over HTTP) Marshalled Object Remote Code Execution
- Acute Control Panel SQL Injection Vulnerability and Remote File Include Vulnerability