ColdFusion 9 Solr Vulnerability - Are you at Risk?
Adobe just released a security bulletin APSB10-04 for ColdFusion 9. If you have the Solr Search Service running on a ColdFusion 9 server it binds the Solr Web Service to port
8983 on all IP addresses. Adobe has also released a Technote describing how to fix the issue.
Is your CF9 Server at Risk?
I've updated my ColdFusion Security Scanner: hackmycf.com to test for this issue. So you can just head over there and type in your domain / email to find out.
Adobe has classified this issue as Important not Critical, but if you are using the CF9 solr service to index sensitive data, it could very well be a critical issue for you to resolve. Also if any vulnerabilities are discovered in the Solr web service itself it may become critical. I am sure a denial of service attack would be pretty easy to perform given the tools the Solr Service exposes.
It also exposes a lot of system information, all the java system properties can be exposed by visiting:
http://localhost:8983/solr/data_medialibrary/admin/get-properties.jsp which exposes things such as:
- Operating System
- Operating System Patch Level
- ColdFusion Installation Paths
- Java Version Info
The good news is that if you have a network firewall in place, your firewall should be blocking requests for this port.
Given all you can do with this service, I would strongly recommend you do the following:
- Make sure your firewall blocks port 8983
- Disable the Solr Search Service if you are not using it.
- Follow the instructions in the technote to limit access to localhost.
By the way, here is a handy way to stay current on Solr security issues.
Like this? Follow me ↯Tweet Follow @pfreitag
ColdFusion 9 Solr Vulnerability - Are you at Risk? was first published on January 29, 2010.
If you like reading about coldfusion, security, or solr then you might also like:
- ColdFusion 2020 Developer Week - Securing CF
- Fixinator and Foundeo Security Bundle
- CFSummit 2016 Slides
- Scope Injection in CFML
- New HackMyCF Features
- J2EE Sessions in CF10 Uses Secure Cookies
- Learn about ColdFusion Security at cfObjective 2013
- Session Loss and Session Fixation in ColdFusion
The FuseGuard Web Application Firewall for ColdFusion & CFML is a high performance, customizable engine that blocks various attacks against your ColdFusion applications.