What is CVE-2023-50386?

CVE-2023-50386 is a vulnerability in Apache Software Foundation Solr, classified under Unrestricted Upload of File with Dangerous Type. Published 2024-02-09.

Is CVE-2023-50386 known to be exploited?

9 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Arbitrary file upload in Apache Software Foundation Solr

CVE-2023-50386

Improper Control of Dynamically-Managed Code Resources, Unrestricted Upload of File with Dangerous Type, Inclusion of Functionality from Untrusted Control Sphere vulnerability in Apache Solr.This issue affects Apache Solr: from 6.0.0 throu…

Vulnerability class: Unrestricted File Upload

EPSS: 0.868 (99.4th percentile) — read the EPSS interpretation.

Affected products

Apache Software Foundation Solr — versions 6.0.0, 9.0.0

Weakness classification (CWE)

Public proof-of-concept exploits

References

solr.apache.org/security.html (vendor-advisory)
www.openwall.com/lists/oss-security/2024/02/09/1

Frequently asked questions

What is CVE-2023-50386?: CVE-2023-50386 is a vulnerability in Apache Software Foundation Solr, classified under Unrestricted Upload of File with Dangerous Type. Published 2024-02-09.
Is CVE-2023-50386 known to be exploited?: 9 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.