CVE-2020-13957
Published at:
-
13-10-2020 09:15
Last modified:
-
22-02-2022 11:05
Total changes:
-
10
Description
Common Vulnerability Scoring System (CVSS)
Low
Attack complexity
Network
Attack vector
High
Availability
High
Confidentiality
High
Integrity
None
Privileges required
Unchanged
Scope
None
User interaction
9.8
Base score
3.9
5.9
Exploitability score
Impact score
Verification logic
Reference
- https://mail-archives.us.apache.org/mod_mbox/www-announce/202010.mbox/%3CCAECwjAWCVLoVaZy%3DTNRQ6Wk9KWVxdPRiGS8NT%2BPHMJCxbbsEVg%40mail.gmail.com%3E
- [lucene-issues] 20201013 [jira] [Updated] (SOLR-14925) CVE-2020-13957: The checks added to unauthenticated configset uploads can be circumvented-Mailing List, Vendor Advisory
- [lucene-issues] 20201019 [GitHub] [lucene-site] tflobbe opened a new pull request #31: Add CVE-2020-13957 page-Mailing List, Vendor Advisory
- https://security.netapp.com/advisory/ntap-20201023-0002/
- [lucene-issues] 20201029 [jira] [Commented] (SOLR-14925) CVE-2020-13957: The checks added to unauthenticated configset uploads can be circumvented-Mailing List, Vendor Advisory
- [lucene-issues] 20201030 [GitHub] [lucene-site] tflobbe opened a new pull request #32: Publish: Add CVE-2020-13957 page (#31)-Mailing List, Vendor Advisory
- [lucene-issues] 20201030 [GitHub] [lucene-site] tflobbe commented on pull request #32: Publish: Add CVE-2020-13957 page (#31)-Mailing List, Vendor Advisory
- [lucene-commits] 20201030 [lucene-site] branch master updated: Add CVE-2020-13957 page (#31)-Mailing List, Patch, Vendor Advisory
- [lucene-commits] 20201030 [lucene-site] 02/02: Add CVE-2020-13957 page (#31)-Mailing List, Patch, Vendor Advisory
- [lucene-issues] 20201102 [jira] [Updated] (SOLR-14925) CVE-2020-13957: The checks added to unauthenticated configset uploads can be circumvented-Mailing List, Vendor Advisory
- [lucene-issues] 20201102 [jira] [Commented] (SOLR-14925) CVE-2020-13957: The checks added to unauthenticated configset uploads can be circumvented-Mailing List, Vendor Advisory
- [lucene-issues] 20201030 [GitHub] [lucene-site] tflobbe merged pull request #31: Add CVE-2020-13957 page-Mailing List, Vendor Advisory
- [lucene-issues] 20201030 [GitHub] [lucene-site] tflobbe closed pull request #32: Publish: Add CVE-2020-13957 page (#31)-Mailing List, Vendor Advisory
- [bigtop-dev] 20210221 [jira] [Created] (BIGTOP-3507) Solr: CVE-2020-13957 mitigation backport-Mailing List, Vendor Advisory
- [bigtop-issues] 20210221 [jira] [Created] (BIGTOP-3507) Solr: CVE-2020-13957 mitigation backport-Mailing List, Vendor Advisory
- [bigtop-issues] 20210222 [jira] [Assigned] (BIGTOP-3507) Solr: CVE-2020-13957 mitigation backport-Mailing List, Vendor Advisory
- [bigtop-dev] 20210225 [GitHub] [bigtop] JunHe77 opened a new pull request #743: BIGTOP-3507: CVE-2020-13957 mitigation backport-Mailing List, Vendor Advisory
- [bigtop-commits] 20210301 [bigtop] branch master updated: BIGTOP-3507: CVE-2020-13957 mitigation backport (#743)-Mailing List, Vendor Advisory
- [bigtop-dev] 20210301 [GitHub] [bigtop] iwasakims merged pull request #743: BIGTOP-3507: CVE-2020-13957 mitigation backport-Mailing List, Vendor Advisory
- [bigtop-issues] 20210301 [jira] [Resolved] (BIGTOP-3507) Solr: CVE-2020-13957 mitigation backport-Mailing List, Vendor Advisory
- [bigtop-dev] 20210301 [GitHub] [bigtop] JunHe77 commented on pull request #743: BIGTOP-3507: CVE-2020-13957 mitigation backport-Mailing List, Vendor Advisory
- [druid-commits] 20210324 [GitHub] [druid] jihoonson opened a new pull request #11030: Suppress cves-Mailing List, Vendor Advisory
Keywords