Go to computer terminal for registration
Recently, the security team of JD Cloud has detected thatthe vulnerability (CVE-2019-0192) is executed by the SoIr component via a remote command. Due to such vulnerability, the attacker is able to execute commands or further operation in the Virtual Machines attacked. As vulnerabilities will affect in some way
JD Cloud security team recommends that you should conduct the security self-examination in a timely manner. If your business is in the affecting scope, please update and fix the problem in time to avoid attacks from an external attacker.
The vulnerability type isRCE( remote code execution), the vulnerability is found inSoIr Passing allowedHTTP POST Request configurationSolr ofJMX Server
InSoIr Passing jmx.serviceUrl Remote commands are executed by the data incredible in deserialization. Threaten the Endpoint Security.
1. Upgrade toApache Solr 7.0 Or higher version
2. Please use the system attribute if the upgrade cannot be madedisable.configEdit = true RunningSolr, DisableConfigAPI (If not used)
3.Configure an access whitelist to ensure inflow of credible access traffic/Quit runningSolr Virtual Machines
JD Cloud team2019-03-08 19:11:55