CVE-2025-24814

Name: CVE-2025-24814
Creator: NVD / NIST
Published: 2025-01-27T09:15:14.947+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

MEDIUMCVSS 5.5/10EPSS 1.14%

Last modified Jun 17, 2026

CVE-2025-24814 is a medium-severity vulnerability rated 5.5/10 on the CVSS scale. Core creation allows users to replace "trusted" configset files with arbitrary configuration Solr instances that (1) use the "FileSystemConfigSetService" component (the default in "standalone" or "user-managed" mode), and (2) are running without authentication and authorization are vulnerable to a sort of privilege escalation wherein individual "trusted" configset files can be ignored in favor of potentially-untrusted replacements available elsewhere on the filesystem. These replacement config files are treated as "trusted" and can use "<lib>" tags to add to Solr's classpath, which an attacker might use to load malicious code as a searchComponent or other plugin. This issue affects all Apache Solr versions up through Solr 9.7. Users can protect against the vulnerability by enabling authentication and authorization on their Solr clusters or switching to SolrCloud (and away from "FileSystemConfigSetService"). Users are also recommended to upgrade to Solr 9.8.0, which mitigates this issue by disabling use of "<lib>" tags by default.. EPSS estimates a 1.14% chance of exploitation in the next 30 days.

Description

Core creation allows users to replace "trusted" configset files with arbitrary configuration Solr instances that (1) use the "FileSystemConfigSetService" component (the default in "standalone" or "user-managed" mode), and (2) are running without authentication and authorization are vulnerable to a sort of privilege escalation wherein individual "trusted" configset files can be ignored in favor of potentially-untrusted replacements available elsewhere on the filesystem. These replacement config files are treated as "trusted" and can use "<lib>" tags to add to Solr's classpath, which an attacker might use to load malicious code as a searchComponent or other plugin. This issue affects all Apache Solr versions up through Solr 9.7. Users can protect against the vulnerability by enabling authentication and authorization on their Solr clusters or switching to SolrCloud (and away from "FileSystemConfigSetService"). Users are also recommended to upgrade to Solr 9.8.0, which mitigates this issue by disabling use of "<lib>" tags by default.

Metrics

CVSS 3.1

5.5/10

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L

EPSS Probability

1.14%

62.5th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-250

Affected Software

Vendor	Product	Versions
Apache	Solr	< 9.8.0

References

https://lists.apache.org/thread/gl291pn8x9f9n52ys5l0pc0b6qtf0qw1Mailing List, Vendor Advisory
http://www.openwall.com/lists/oss-security/2025/01/26/1Mailing List, Third Party Advisory
https://security.netapp.com/advisory/ntap-20250214-0002/Third Party Advisory

Timeline

Published: Jan 27, 2025
Last Modified: Jun 17, 2026
Status: Analyzed

Frequently Asked Questions

What is CVE-2025-24814?

How severe is CVE-2025-24814?

CVE-2025-24814 has a CVSS score of 5.5/10 (MEDIUM severity). The EPSS model estimates a 1.14% probability of exploitation in the next 30 days.

How do I fix CVE-2025-24814?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2025-24814?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST