CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2013-6407

The UpdateRequestHandler for XML in Apache Solr before 4.1 allows remote attackers to have an unspecified impact via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.067

EPSS Ranking 90.7%

CVSS Severity

CVSS v2 Score 6.4

References

Products affected by CVE-2013-6407

Apache » Solr » Version: N/A

cpe:2.3:a:apache:solr:-
Apache » Solr » Version: 1.1.0

cpe:2.3:a:apache:solr:1.1.0
Apache » Solr » Version: 1.2

cpe:2.3:a:apache:solr:1.2
Apache » Solr » Version: 1.2.0

cpe:2.3:a:apache:solr:1.2.0
Apache » Solr » Version: 1.3.0

cpe:2.3:a:apache:solr:1.3.0
Apache » Solr » Version: 1.4.0

cpe:2.3:a:apache:solr:1.4.0
Apache » Solr » Version: 1.4.1

cpe:2.3:a:apache:solr:1.4.1
Apache » Solr » Version: 3.1

cpe:2.3:a:apache:solr:3.1
Apache » Solr » Version: 3.1.0

cpe:2.3:a:apache:solr:3.1.0
Apache » Solr » Version: 3.2

cpe:2.3:a:apache:solr:3.2
Apache » Solr » Version: 3.2.0

cpe:2.3:a:apache:solr:3.2.0
Apache » Solr » Version: 3.3

cpe:2.3:a:apache:solr:3.3
Apache » Solr » Version: 3.3.0

cpe:2.3:a:apache:solr:3.3.0
Apache » Solr » Version: 3.4.0

cpe:2.3:a:apache:solr:3.4.0
Apache » Solr » Version: 3.5.0

cpe:2.3:a:apache:solr:3.5.0
Apache » Solr » Version: 3.6.0

cpe:2.3:a:apache:solr:3.6.0
Apache » Solr » Version: 3.6.1

cpe:2.3:a:apache:solr:3.6.1
Apache » Solr » Version: 3.6.2

cpe:2.3:a:apache:solr:3.6.2
Apache » Solr » Version: 4.0.0

cpe:2.3:a:apache:solr:4.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2013-6407

Products

Pricing

Contact Us