The link you listed has the mitigation, "Upgrade to Solr 8.11.1” which is what I would recommend. The other one I don’t have a great sense of the details, and would recommend consulting with someone who is a Solr ops expert to give you the answer ;-)
> On Jan 10, 2023, at 10:03 AM, hari prasad <harryprasad1...@gmail.com> wrote: > > Hi Team, > > We have a Sitecore project of version 9.3 and we are using windows Sol 8.1.1. > We have this Vulnerability "Apache Solr Information Disclosure Vulnerability" > impacted on few of our servers. And below are the patch fix suggested by Solr > for this vulnerability. > > Ref: SOLR-15826 -CVE-2021-44548 > > URL: > https://solr.apache.org/security.html#cve-2021-44548-apache-solr-information-disclosure-vulnerability-through-dataimporthandler > > Impacted Servers: > Servers like TST, STG. > > Mitigation: > (a) Ensure only trusted clients can make requests to Solr's Datalmport > handler. > > Comment: > Please advise how to fix this Vulnerability and where we have to make the > changes. Providing step by steps would be great. > Or > Please suggest any other solution to fix this Vulnerability. > > Best, > Hariprasad T _______________________ Eric Pugh | Founder & CEO | OpenSource Connections, LLC | 434.466.1467 | http://www.opensourceconnections.com <http://www.opensourceconnections.com/> | My Free/Busy <http://tinyurl.com/eric-cal> Co-Author: Apache Solr Enterprise Search Server, 3rd Ed <https://www.packtpub.com/big-data-and-business-intelligence/apache-solr-enterprise-search-server-third-edition-raw> This e-mail and all contents, including attachments, is considered to be Company Confidential unless explicitly stated otherwise, regardless of whether attachments are marked as such.
