On 4/7/2022 8:56 AM, Anchal Sharma2 wrote:
The CVE number is CVE-2000-0649. https://nvd.nist.gov/vuln/detail/CVE-2000-0649 Can anyone suggest some fixes for the said vulnerability ? NVD - CVE-2000-0649<https://nvd.nist.gov/vuln/detail/CVE-2000-0649> Current Description . IIS 4.0 allows remote attackers to obtain the internal IP address of the server via an HTTP 1.0 request for a web page which is protected by basic authentication and has no realm defined
If anybody who is not clearly authorized can make a network connection to your Solr server, then you've failed the most basic security recommendation we can make: Do not allow network connections from people and applications that are not authorized to use that Solr install. I would go further, and say that Solr should never be exposed to the open Internet, whether it is protected by encryption and authentication or not.
If somebody compromises one of your other machines, then they most likely already have the internal IP address for the Solr machine, because the address or name of the Solr server will be in the application configuration, and from a name, they can get an IP address.
So ... if you follow recommendations, this vulnerability is only exploitable by someone who has already broken your security and already has the information that could be disclosed.
Thanks, Shawn
