CVE-2023-50298

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Solr.This issue affects Apache Solr: from 6.0.0 through 8.11.2, from 9.0.0 before 9.4.1.<br /> <br /> Solr Streaming Expressions allows users to extract data from other Solr Clouds, using a "zkHost" parameter.<br /> When original SolrCloud is setup to use ZooKeeper credentials and ACLs, they will be sent to whatever "zkHost" the user provides.<br /> An attacker could setup a server to mock ZooKeeper, that accepts ZooKeeper requests with credentials and ACLs and extracts the sensitive information,<br /> then send a streaming expression using the mock server&amp;#39;s address in "zkHost".<br /> Streaming Expressions are exposed via the "/streaming" handler, with "read" permissions.<br /> <br /> Users are recommended to upgrade to version 8.11.3 or 9.4.1, which fix the issue.<br /> From these versions on, only zkHost values that have the same server address (regardless of chroot), will use the given ZooKeeper credentials and ACLs when connecting.