Webinar: 3 Ways to Optimize for Search
Webinar: 3 Ways to Optimize for Search
Register Now
Search
Schedule A Demo
Webinar: 3 Ways to Optimize for Search
Webinar: 3 Ways to Optimize for Search
Register Now

January 27, 2025

New Solr Vulnerabilities Identified – CVE-2024-52012 and CVE-2025-24814

Dipsy Kapoor

VP, Engineering

Managed Search Trust and Compliance Solr Service Solr Operations Product Announcement

January 27, 2025

New Solr Vulnerabilities Identified – CVE-2024-52012 and CVE-2025-24814

Dipsy Kapoor

|

VP, Engineering

January 2025 Solr vulnerabilities update for SearchStax Managed Search service

In this article

In this article

In this article

In this article

Share this on:

Two new Solr vulnerabilities have been recently identified. We want to provide the information readily available and the recommended mitigation measures as part of providing peace of mind to our customers.

These vulnerabilities have not been assigned CVSS scores yet, and are being tracked as CVE-2024-52012 and CVE-2025-24814.

CVE-2024-52012

Description of Solr Vulnerability

Relative Path Traversal vulnerability in Apache Solr. Solr instances running on Windows are vulnerable to arbitrary filepath write-access, due to a lack of input-sanitation in the “configset upload” API. Commonly known as a “zipslip,” maliciously constructed ZIP files can use relative filepaths to write data to unanticipated parts of the filesystem

Affected Deployments

Deployments using Solr 6.6.0 through 9.7.0 on Windows operating system.

Recommended Mitigations

SearchStax deployments do not run on Windows, so they are not susceptible to this vulnerability.

CVE-2025-24814

Description of Solr Vulnerability

Core creation allows users to replace “trusted” configset files with arbitrary configuration Solr instances that (1) use the “FileSystemConfigSetService” component (the default in “standalone” or “user-managed” mode), and (2) are running without authentication and authorization are vulnerable to a sort of privilege escalation wherein individual “trusted” configset files can be ignored in favor of potentially-untrusted replacements available elsewhere on the filesystem. These replacement config files are treated as “trusted” and can use “<lib>” tags to add to Solr’s classpath, which an attacker might use to load malicious code as a searchComponent or other plugin.

Affected Deployments

Solr Deployments through Solr 9.7.0 running in standalone mode.

Recommended Mitigations

SearchStax deployments do not run in standalone mode and use SolrCloud mode, which is not susceptible to this vulnerability.

CTA Section Title

Action DescriptionLorem ipsum dolor sit amet, consectetur adipiscing it, nsect etur sed do eiusmod.

cta title
Dipsy Kapoor
|
VP, Engineering

Dipsy brings over a decade of large scale search, data alignment, integration, and machine learning experience in building cloud-based software applications. Prior to joining SearchStax, Dipsy worked with both federal and commercial organizations delivering high-value results using big data and machine learning technologies in cloud environments. Dipsy earned her M.S. in Computer Science from the University of Southern California.

Read more from Dipsy Kapoor

You might also like

What is Solr?
Managed Search

What is Solr?

Retrieval Augmented Generation Backed with Managed Search
Managed Search

Retrieval Augmented Generation Backed with Managed Search

Data Analysis with Managed Search
Managed Search

Data Analysis with Managed Search

January 27, 2025

Dipsy Kapoor

|

5 min. read

Two new Solr vulnerabilities have been recently identified. We want to provide the information readily available and the recommended mitigation measures as part of providing peace of mind to our customers.

These vulnerabilities have not been assigned CVSS scores yet, and are being tracked as CVE-2024-52012 and CVE-2025-24814.

CVE-2024-52012

Description of Solr Vulnerability

Relative Path Traversal vulnerability in Apache Solr. Solr instances running on Windows are vulnerable to arbitrary filepath write-access, due to a lack of input-sanitation in the “configset upload” API. Commonly known as a “zipslip,” maliciously constructed ZIP files can use relative filepaths to write data to unanticipated parts of the filesystem

 

Affected Deployments

Deployments using Solr 6.6.0 through 9.7.0 on Windows operating system.

 

Recommended Mitigations

SearchStax deployments do not run on Windows, so they are not susceptible to this vulnerability.

CVE-2025-24814

Description of Solr Vulnerability

Core creation allows users to replace “trusted” configset files with arbitrary configuration Solr instances that (1) use the “FileSystemConfigSetService” component (the default in “standalone” or “user-managed” mode), and (2) are running without authentication and authorization are vulnerable to a sort of privilege escalation wherein individual “trusted” configset files can be ignored in favor of potentially-untrusted replacements available elsewhere on the filesystem. These replacement config files are treated as “trusted” and can use “<lib>” tags to add to Solr’s classpath, which an attacker might use to load malicious code as a searchComponent or other plugin.

 

Affected Deployments

Solr Deployments through Solr 9.7.0 running in standalone mode.

 

Recommended Mitigations

SearchStax deployments do not run in standalone mode and use SolrCloud mode, which is not susceptible to this vulnerability.

Dipsy Kapoor
|
VP, Engineering

Dipsy brings over a decade of large scale search, data alignment, integration, and machine learning experience in building cloud-based software applications. Prior to joining SearchStax, Dipsy worked with both federal and commercial organizations delivering high-value results using big data and machine learning technologies in cloud environments. Dipsy earned her M.S. in Computer Science from the University of Southern California.

Read more from Dipsy Kapoor

In this article

In this article

Share this on: