Vulnerabilities
Misconfiguration
Compliance
CVE Vulnerabilities

CVE-2023-50291

Insufficiently Protected Credentials

Published: Feb 09, 2024 | Modified: May 15, 2025
CVSS 3.x
7.5
HIGH
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVSS 2.x
RedHat/V2
RedHat/V3
6.5 MODERATE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Ubuntu
MEDIUM
Vulnerability-free packages from our partners
root.io logo minimus.io logo echo.ai logo
Additional information
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2023-50291
CWEhttps://cwe.mitre.org/data/definitions/522.html

Insufficiently Protected Credentials vulnerability in Apache Solr.

This issue affects Apache Solr: from 6.0.0 through 8.11.2, from 9.0.0 before 9.3.0. One of the two endpoints that publishes the Solr process Java system properties, /admin/info/properties, was only setup to hide system properties that had password contained in the name. There are a number of sensitive system properties, such as basicauth and aws.secretKey do not contain password, thus their values were published via the /admin/info/properties endpoint. This endpoint populates the list of System Properties on the home screen of the Solr Admin page, making the exposed credentials visible in the UI.

This /admin/info/properties endpoint is protected under the config-read permission. Therefore, Solr Clouds with Authorization enabled will only be vulnerable through logged-in users that have the config-read permission. Users are recommended to upgrade to version 9.3.0 or 8.11.3, which fixes the issue. A single option now controls hiding Java system property for all endpoints, -Dsolr.hiddenSysProps. By default all known sensitive properties are hidden (including -Dbasicauth), as well as any property with a name containing secret or password.

Users who cannot upgrade can also use the following Java system property to fix the issue:   -Dsolr.redaction.system.pattern=.(password|secret|basicauth).

Weakness

The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

Affected Software

NameVendorStart VersionEnd Version
SolrApache6.0.0 (including)8.11.3 (excluding)
SolrApache9.0.0 (including)9.3.0 (excluding)
Lucene-solrUbuntubionic*
Lucene-solrUbuntufocal*
Lucene-solrUbuntumantic*
Lucene-solrUbuntuoracular*
Lucene-solrUbuntuplucky*
Lucene-solrUbuntutrusty*
Lucene-solrUbuntutrusty/esm*
Lucene-solrUbuntuxenial*

Potential Mitigations

References

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2026 Aqua Security Software Ltd.   Privacy Policy | Terms of Use