id: solr-admin-query

info:
  name: Solr - Admin Page Access
  author: dhiyaneshDK
  severity: high
  description: Solr's admin page was able to be accessed with no authentication requirements in place.
  reference:
    - https://www.exploit-db.com/ghdb/5856
  classification:
    cpe: cpe:2.3:a:apache:solr:*:*:*:*:*:*:*:*
  metadata:
    max-request: 2
    vendor: apache
    product: solr
  tags: solr,unauth,edb,misconfig

http:
  - method: GET
    path:
      - '{{BaseURL}}/admin/'
      - '{{BaseURL}}/solr/admin/'

    matchers-condition: and
    matchers:
      - type: word
        words:
          - '<title>Solr admin page</title>'

      - type: status
        status:
          - 200
# digest: 490a0046304402204b9db9b26a9d8c747ee9022917fee2f49049d6212474cdcac0b96e1f7640848002204d57caa13af82339f680e6ff31f90f812265813d17c0fd928f10462c9fc64122:922c64590222798bb761d5b6d8e72950