Total Tests:

Experts Expect “Aggressive Exploitation” of Two Apache Solr Vulnerabilities

By Ed Targett for Computer Business Review
Tuesday, November 26, 2019

Apache Solr, an open source enterprise search platform used by some of the biggest names in business including Adobe, Bloomberg, eBay, Goldman Sachs, Instagram and Netflix as users, remains vulnerable to a zero day weeks after proof-of-concept code became public, cybersecurity experts have warned.

Ilia Kolochenko, founder and CEO of web security company ImmuniWeb, commented: “Modern-day cybercrime groups are super agile.

“Probably, as early as the first PoC was published, it was on their radar. On underground marketplaces, one can easily find lists of servers or websites with specific network or web software. Once a hot 0day is published, attackers buy these lists with all publicly-known servers running the vulnerable software and swiftly launch their attacks. Given that the vulnerability is exploitable in default configuration, we should expect quite large-scale and aggressive exploitation in the wild pretty soon.

“Server admins must urgently update their configuration as per vendor’s instructions, and then ascertain that their servers have not been breached before.” Read Full Article


Book a Call Ask a Question
Close
Talk to ImmuniWeb Experts
ImmuniWeb AI Platform
Have a Technical Question?

Our security experts will answer within
one business day. No obligations.

Have a Sales Question?
Email:
Tel: +41 22 560 6800 (Switzerland)
Tel: +1 720 605 9147 (USA)
*
*
*
*
Your data will stay private and confidential