CVE-2026-44825
Analyzed Analyzed - Analysis Complete
Hard-Coded Credentials in Apache Solr Authentication Tool

Publication date: 2026-06-01

Last updated on: 2026-06-01

Assigner: Apache Software Foundation

Description
Hardcoded credentials in the Basic Authentication setup tool (bin/solr auth enable) in Apache Solr versions 9.4.0 through 9.10.1 and 10.0.0 allows a remote attacker to gain full administrative access to the cluster via publicly known default credentials installed silently alongside the user-specified account. As an immediate workaround without upgrading, delete the template users (superadmin, admin, search, index) from security.jsonΒ or change their passwords. The future, not yet released, versions 9.11.0 and 10.1.0 will not be vulnerable, and it will be enough to upgrade to solve the issue. Not affected: * Clusters where bin/solr auth enable was not used to bootstrap BasicAuth * Clusters where template users have been assigned strong passwords after bootstrap
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-01
Last Modified
2026-06-01
Generated
2026-06-21
AI Q&A
2026-06-01
EPSS Evaluated
2026-06-20
NVD
CVE-2026-44825
EUVD
EUVD-2026-33602
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
apache solr From 9.4.0 (inc) to 9.10.1 (inc)
apache solr 10.0.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-798 The product contains hard-coded credentials, such as a password or cryptographic key.
CWE-1188 The product initializes or sets a resource with a default that is intended to be changed by the product's installer, administrator, or maintainer, but the default is not secure.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability involves hardcoded credentials in the Basic Authentication setup tool (bin/solr auth enable) in Apache Solr versions 9.4.0 through 9.10.1 and 10.0.0. These default credentials are installed silently alongside the user-specified account, allowing a remote attacker to gain full administrative access to the Solr cluster.

The issue arises because template users such as superadmin, admin, search, and index have default passwords that can be exploited if not changed or removed.

An immediate workaround without upgrading is to delete these template users from the security.json file or change their passwords. Future versions 9.11.0 and 10.1.0 will fix this vulnerability.

Impact Analysis

This vulnerability can allow a remote attacker to gain full administrative access to your Apache Solr cluster without authorization.

With full administrative access, the attacker can compromise confidentiality, integrity, and availability of the data and services managed by the Solr cluster.

This could lead to unauthorized data access, data modification, service disruption, or further exploitation within your environment.

Detection Guidance

This vulnerability involves hardcoded default credentials in the Basic Authentication setup tool of Apache Solr. Detection can be performed by checking if the vulnerable versions (9.4.0 through 9.10.1 and 10.0.0) are in use and if the default template users (superadmin, admin, search, index) exist with their default passwords.

You can inspect the security.json file in your Solr configuration to see if these template users are present and whether their passwords have been changed.

While no specific commands are provided in the context, a general approach would be to use commands to read and search the security.json file, for example:

  • cat /path/to/solr/security.json | grep -E 'superadmin|admin|search|index'
  • Check Solr version with: bin/solr --version

Additionally, attempting to authenticate using the known default credentials against the Solr cluster could help confirm vulnerability presence.

Mitigation Strategies

Immediate mitigation steps without upgrading include deleting the template users (superadmin, admin, search, index) from the security.json file or changing their passwords to strong, unique values.

Upgrading to future versions 9.11.0 or 10.1.0, which are not vulnerable, will fully resolve the issue.

Clusters that did not use the bin/solr auth enable tool to bootstrap BasicAuth or where template users have already been assigned strong passwords are not affected.

Compliance Impact

This vulnerability allows a remote attacker to gain full administrative access to the Apache Solr cluster via hardcoded default credentials. Such unauthorized access can lead to exposure, modification, or deletion of sensitive data.

Because of the potential for unauthorized data access and control, this vulnerability could negatively impact compliance with data protection standards and regulations such as GDPR and HIPAA, which require strict access controls and protection of sensitive information.

Mitigations include deleting the template users or changing their passwords, or upgrading to fixed versions, which are necessary steps to maintain compliance.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-44825. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart