Cyber Posture

CVE-2024-52012

Medium

Published: 27 January 2025

Modified: 27 June 2025
CVSS Score: 5.4 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N)
EPSS Score: 0.1348 (94.2th percentile)
Risk Priority: 19 (60% EPSS · 20% KEV · 20% CVSS)

Description

Relative Path Traversal vulnerability in Apache Solr. Solr instances running on Windows are vulnerable to arbitrary filepath write-access, due to a lack of input sanitization in the "configset upload" API. In this class of issue, commonly known as a "zipslip", maliciously constructed ZIP files can use relative filepaths to write data to unanticipated parts of the filesystem. This issue affects Apache Solr from 6.6 through 9.7.0. Users are recommended to upgrade to version 9.8.0, which fixes the issue. Users unable to upgrade may also safely prevent the issue by using Solr's "Rule-Based Authentication Plugin" to restrict access to the configset upload API, so that it can only be accessed by a trusted set of administrators/users.

Security Summary

CVE-2024-52012 is a Relative Path Traversal vulnerability, commonly known as a "zipslip", in the "configset upload" API of Apache Solr. Solr instances running on Windows are vulnerable to arbitrary filepath write-access due to a lack of input sanitization when processing ZIP files, which can use relative filepaths to write data to unanticipated parts of the filesystem. This issue affects Apache Solr versions from 6.6 through 9.7.0.

The vulnerability has a CVSS score of 5.4 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N), requiring low-privilege authenticated access over the network with no user interaction. An attacker with such privileges can upload a maliciously constructed ZIP file via the configset upload API, achieving arbitrary file writes outside the intended directory and resulting in low confidentiality and integrity impacts.

Apache advisories recommend upgrading to version 9.8.0, which fixes the issue. Users unable to upgrade may mitigate the vulnerability by using Solr's "Rule-Based Authentication Plugin" to restrict access to the configset upload API to a trusted set of administrators or users. Further details are provided in the Apache mailing list thread at https://lists.apache.org/thread/yp39pgbv4vf1746pf5yblz84lv30vfxd and the oss-security announcement at http://www.openwall.com/lists/oss-security/2025/01/26/2.
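
The check below is an added example, not Solr's code and not the 9.8.0 fix: it audits a configset ZIP before upload and lists every entry whose name would resolve outside the target directory. It assumes entry names are resolved with Windows path rules (hence Python's ntpath); the function names, the destination path and the sample entries are constructed for illustration.

```python
import io
import ntpath
import zipfile


def audit_configset_zip(zip_bytes, dest=r"C:\solr\upload"):  # dest is a hypothetical path
    """Return (entry_name, reason) for entries that would be written outside dest."""
    # Windows accepts both "/" and "\" as separators and compares paths
    # case-insensitively, so resolve with ntpath whatever OS runs this check.
    root = ntpath.normcase(ntpath.normpath(dest))
    findings = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            name = info.orig_filename  # raw name exactly as stored in the archive
            drive, rest = ntpath.splitdrive(name)
            if drive or rest[:1] in ("/", "\\"):
                findings.append((name, "absolute or drive-qualified name"))
                continue
            target = ntpath.normcase(ntpath.normpath(ntpath.join(root, name)))
            if target != root and not target.startswith(root + "\\"):
                findings.append((name, "resolves outside target directory"))
    return findings


def build_sample_zip():
    """Constructed sample archive; the entry names are illustrative only."""
    names = (
        "conf/solrconfig.xml",    # ordinary configset file
        "conf/../../up.txt",      # relative name, "/" separators
        "conf\\..\\..\\up.txt",   # relative name, "\" separators
        "D:notes.txt",            # drive-qualified name
    )
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name in names:
            entry = zipfile.ZipInfo("placeholder")
            entry.filename = name  # set after construction so "\" is stored verbatim
            zf.writestr(entry, "x")
    return buf.getvalue()


if __name__ == "__main__":
    for name, reason in audit_configset_zip(build_sample_zip()):
        print(f"REJECT {name!r}: {reason}")
```

An archive that produces any finding should be rejected whole rather than partially extracted.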

Details

CWE(s)
CWE-23

Affected Products

apache
solr
6.6.0 — 9.8.0
