Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2013-6408

The DocumentAnalysisRequestHandler in Apache Solr before 4.3.1 does not properly use the EmptyEntityResolver, which allows remote attackers to have an unspecified impact via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-6407.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.067
EPSS Ranking 90.7%
CVSS Severity
CVSS v2 Score 6.4
Products affected by CVE-2013-6408
  • Apache » Solr » Version: N/A
    cpe:2.3:a:apache:solr:-
  • Apache » Solr » Version: 1.1.0
    cpe:2.3:a:apache:solr:1.1.0
  • Apache » Solr » Version: 1.2
    cpe:2.3:a:apache:solr:1.2
  • Apache » Solr » Version: 1.2.0
    cpe:2.3:a:apache:solr:1.2.0
  • Apache » Solr » Version: 1.3.0
    cpe:2.3:a:apache:solr:1.3.0
  • Apache » Solr » Version: 1.4.0
    cpe:2.3:a:apache:solr:1.4.0
  • Apache » Solr » Version: 1.4.1
    cpe:2.3:a:apache:solr:1.4.1
  • Apache » Solr » Version: 3.1
    cpe:2.3:a:apache:solr:3.1
  • Apache » Solr » Version: 3.1.0
    cpe:2.3:a:apache:solr:3.1.0
  • Apache » Solr » Version: 3.2
    cpe:2.3:a:apache:solr:3.2
  • Apache » Solr » Version: 3.2.0
    cpe:2.3:a:apache:solr:3.2.0
  • Apache » Solr » Version: 3.3
    cpe:2.3:a:apache:solr:3.3
  • Apache » Solr » Version: 3.3.0
    cpe:2.3:a:apache:solr:3.3.0
  • Apache » Solr » Version: 3.4.0
    cpe:2.3:a:apache:solr:3.4.0
  • Apache » Solr » Version: 3.5.0
    cpe:2.3:a:apache:solr:3.5.0
  • Apache » Solr » Version: 3.6.0
    cpe:2.3:a:apache:solr:3.6.0
  • Apache » Solr » Version: 3.6.1
    cpe:2.3:a:apache:solr:3.6.1
  • Apache » Solr » Version: 3.6.2
    cpe:2.3:a:apache:solr:3.6.2
  • Apache » Solr » Version: 4.0.0
    cpe:2.3:a:apache:solr:4.0.0
  • Apache » Solr » Version: 4.1.0
    cpe:2.3:a:apache:solr:4.1.0
  • Apache » Solr » Version: 4.2.0
    cpe:2.3:a:apache:solr:4.2.0
  • Apache » Solr » Version: 4.2.1
    cpe:2.3:a:apache:solr:4.2.1
  • Apache » Solr » Version: 4.3.0
    cpe:2.3:a:apache:solr:4.3.0


Products
Pricing
Contact Us

Shodan ® - All rights reserved