A newly disclosed vulnerability in Apache Solr, identified as CVE-2024-52012, poses a significant risk to users running the platform on Windows systems. This vulnerability, categorized as a Relative Path Traversal flaw, affects versions 6.6 through 9.7.0 and is found in the “configset upload” API. The issue arises from a lack of proper input validation, allowing attackers to upload ZIP archives that contain relative file paths designed to traverse directories. These specially crafted files can potentially overwrite important system files or even introduce malicious code, leading to compromised system integrity.
The vulnerability, often referred to as “Zip Slip,” allows attackers to exploit the flaw remotely without requiring advanced technical expertise. The exploit process involves crafting a ZIP archive containing relative paths that point to locations outside of the intended directory structure. Once uploaded via the configset upload API, the malicious files are extracted and written to unintended locations within the system, which can cause severe damage. This flaw is especially concerning for administrators of Apache Solr instances running on Windows, as it can be exploited without the need for authentication or any specialized access.
In response to this issue, Apache has released version 9.8.0, which implements stricter input validation for the configset upload API, preventing directory traversal attacks.
For users who are unable to upgrade immediately, Apache recommends using the “Rule-Based Authentication Plugin” to restrict access to the configset upload API to a trusted group of administrators. This step can help mitigate the vulnerability while waiting for the patch to be applied. Users are strongly encouraged to address this flaw promptly to safeguard their systems and maintain the security of their Apache Solr instances.
The “Zip Slip” vulnerability is not unique to Apache Solr and has been found in multiple software ecosystems, particularly in applications that handle ZIP file uploads. The flaw underscores the importance of properly validating extracted file paths to prevent directory traversal and arbitrary file writes. As a critical tool used by many organizations, Apache Solr’s security is paramount, and vulnerabilities like CVE-2024-52012 highlight the ongoing need for vigilance in addressing potential threats and ensuring that best practices for input validation are followed.
