CVE-2026-22022
BaseFortify

Publication date: 2026-01-21

Last updated on: 2026-01-27

Assigner: Apache Software Foundation

Description
Deployments of Apache Solr 5.3.0 through 9.10.0 that rely on Solr's "Rule Based Authorization Plugin" are vulnerable to allowing unauthorized access to certain Solr APIs, due to insufficiently strict input validation in those components.

Only deployments that meet all of the following criteria are impacted by this vulnerability:
* Use of Solr's "RuleBasedAuthorizationPlugin"
* A RuleBasedAuthorizationPlugin config (see security.json) that specifies multiple "roles"
* A RuleBasedAuthorizationPlugin permission list (see security.json) that uses one or more of the following pre-defined permission rules: "config-read", "config-edit", "schema-read", "metrics-read", or "security-read"
* A RuleBasedAuthorizationPlugin permission list that doesn't define the "all" pre-defined permission
* A networking setup that allows clients to make unfiltered network requests to Solr (i.e. user-submitted HTTP/HTTPS requests reach Solr as-is, unmodified or restricted by any intervening proxy or gateway)

Users can mitigate this vulnerability by ensuring that their RuleBasedAuthorizationPlugin configuration specifies the "all" pre-defined permission and associates the permission with an "admin" or other privileged role. Users can also upgrade to a Solr version outside of the impacted range, such as the recently released Solr 9.10.1.
Meta Information
Generated: 2026-05-07
AI Q&A generated: 2026-01-21
EPSS evaluated: 2026-05-05
Affected Vendors & Products
Vendor: apache; Product: solr; Version range: from 5.3.0 (inclusive) to 9.10.1 (exclusive)
CWE
CWE-285 (Improper Authorization): The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability affects Apache Solr versions 5.3.0 through 9.10.0 when using the RuleBasedAuthorizationPlugin with certain configurations. It allows unauthorized access to specific Solr APIs due to insufficient input validation. The vulnerability only applies if the plugin configuration specifies multiple roles, uses certain predefined permission rules (config-read, config-edit, schema-read, metrics-read, or security-read), does not define the 'all' permission, and if the network setup allows unfiltered client requests to Solr.


How can this vulnerability impact me?

This vulnerability can allow unauthorized users to access certain Solr APIs that they should not have permission to use. This could lead to exposure or modification of configuration, schema, metrics, or security-related information within Solr, potentially compromising the integrity and confidentiality of the system.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

Detection involves verifying if your Apache Solr deployment uses the RuleBasedAuthorizationPlugin with multiple roles and specific permission rules as described. You should check your security.json configuration for the presence of multiple roles, use of permissions like "config-read", "config-edit", "schema-read", "metrics-read", or "security-read", and absence of the "all" permission. Additionally, verify if your network setup allows unfiltered HTTP/HTTPS requests to Solr. Specific commands are not provided in the available resources.


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include updating your RuleBasedAuthorizationPlugin configuration to specify the "all" pre-defined permission and associating it with an "admin" or other privileged role. Alternatively, upgrade your Apache Solr deployment to version 9.10.1 or later, which is outside the impacted range.


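The configuration checks described in the Description and in the detection and mitigation answers above, as an added example that is not part of the advisory, the BaseFortify page, or the Apache Solr project: a Python script that audits a parsed security.json against the four configuration criteria (RuleBasedAuthorizationPlugin in use, more than one role, at least one of the listed pre-defined permissions, no "all" permission) and applies the advisory's mitigation by appending the pre-defined "all" permission bound to the admin role. The security.json document embedded in the script is constructed for this example, and the function names (assess, harden, audit_text) are this example's own. The networking criterion cannot be read from security.json, so the script reports it as unknown rather than guessing.

```python
"""Audit a Solr security.json against the CVE-2026-22022 criteria.

Added example, not code from the advisory or from Apache Solr. The sample
security.json below is constructed for this example.
"""
import json
from copy import deepcopy

# Pre-defined permission names the advisory lists as affected.
AFFECTED_PREDEFINED = {"config-read", "config-edit", "schema-read",
                       "metrics-read", "security-read"}


def defined_roles(authz):
    """Collect every role referenced by user-role mappings or permissions.

    Solr accepts a single role name or a list in both places.
    """
    roles = set()
    for mapped in authz.get("user-role", {}).values():
        roles.update(mapped if isinstance(mapped, list) else [mapped])
    for perm in authz.get("permissions", []):
        role = perm.get("role")
        if role is not None:
            roles.update(role if isinstance(role, list) else [role])
    return roles


def assess(security):
    """Return (affected, findings) for a parsed security.json document.

    `affected` is True only when all four configuration criteria hold; the
    networking criterion is not visible in security.json and is reported
    as "unknown" so the operator checks it separately.
    """
    authz = security.get("authorization", {})
    names = [perm.get("name") for perm in authz.get("permissions", [])]
    findings = {
        "rule_based_plugin": "RuleBasedAuthorizationPlugin" in authz.get("class", ""),
        "multiple_roles": len(defined_roles(authz)) > 1,
        "affected_predefined": sorted(AFFECTED_PREDEFINED.intersection(names)),
        "all_defined": "all" in names,
        "unfiltered_network_access": "unknown",
    }
    affected = (findings["rule_based_plugin"]
                and findings["multiple_roles"]
                and bool(findings["affected_predefined"])
                and not findings["all_defined"])
    return affected, findings


def harden(security, role="admin"):
    """Return a copy with the pre-defined "all" permission bound to `role`.

    Solr applies the first permission whose conditions match a request, so
    the catch-all is appended last: narrower rules such as "read" keep
    matching first, and "all" only catches requests nothing else covered.
    """
    hardened = deepcopy(security)
    perms = hardened.setdefault("authorization", {}).setdefault("permissions", [])
    if not any(perm.get("name") == "all" for perm in perms):
        perms.append({"name": "all", "role": role})
    return hardened


def audit_text(text):
    """Parse a security.json string; return (affected, findings, hardened copy)."""
    security = json.loads(text)
    affected, findings = assess(security)
    return affected, findings, harden(security)


# Constructed sample: two roles, two of the listed permissions, no "all".
VULNERABLE_SECURITY_JSON = """
{
  "authorization": {
    "class": "solr.RuleBasedAuthorizationPlugin",
    "user-role": {"solr": ["admin"], "analyst": ["reader"]},
    "permissions": [
      {"name": "security-read", "role": "admin"},
      {"name": "config-edit",   "role": "admin"},
      {"name": "read",          "role": "reader"}
    ]
  }
}
"""

if __name__ == "__main__":
    affected, findings, fixed = audit_text(VULNERABLE_SECURITY_JSON)
    print("affected by CVE-2026-22022:", affected)
    for key, value in findings.items():
        print(f"  {key}: {value}")
    print("hardened permission list:",
          json.dumps(fixed["authorization"]["permissions"]))
```

To audit a real deployment, feed the script the contents of the node's security.json (for SolrCloud the file lives in ZooKeeper and can be pulled with Solr's `bin/solr zk cp` subcommand); the script only inspects configuration and sends no requests to Solr. A positive result from the script is necessary but not sufficient: the last criterion, whether unfiltered client requests reach Solr, still has to be confirmed from the network layout, and even a mitigated configuration should be followed by the upgrade to 9.10.1 or later.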