CVE-2021-44548: 
Java vulnerability analysis and mitigation

An Improper Input Validation vulnerability (CVE-2021-44548) was discovered in the DataImportHandler of Apache Solr. The vulnerability affects all Apache Solr versions prior to 8.11.1 and specifically impacts Windows-based installations. This vulnerability was disclosed on December 18, 2021, and allows attackers to provide a Windows UNC path that results in an SMB network call being made from the Solr host to another host on the network (Apache Solr, NVD).

The vulnerability has been assigned a CVSS v3.1 base score of 9.8 (CRITICAL) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H. The vulnerability is classified under CWE-22 (Improper Limitation of a Pathname to a Restricted Directory) and CWE-40 (Path Traversal: Windows UNC Share). The issue specifically relates to the improper validation of input in the DataImportHandler component, which allows attackers to manipulate Windows UNC paths (NVD).

If an attacker has wider access to the network, this vulnerability can lead to several serious consequences: the exfiltration of sensitive data such as OS user hashes (NTLM/LM hashes), and in cases of misconfigured systems, SMB Relay Attacks which can lead to user impersonation on SMB Shares or potentially Remote Code Execution (Apache Solr).

The primary mitigation is to upgrade to Solr version 8.11.1 or later. Additionally, organizations should ensure that only trusted clients can make requests to Solr's DataImport handler. The vulnerability only affects Windows installations, so Linux-based deployments are not impacted (Apache Solr).