Apache Solr CVE-2017-12629 Security Vulnerability and Response
Measured Search recently learned of and resolved a security vulnerability with Apache Solr. We want to report this to you, describe how we responded to the incident, and reiterate our commitment to constantly improving the security and integrity of your deployments, data and our service.
On October 13, 2017, we became aware of an Apache Solr zero-day exploit (CVE-2017-12629). This security vulnerability was made public on Apache Solr’s mailing list and was considered a zero-day exploit. By combining vulnerabilities, an external attacker can achieve remote code execution without direct access to the Solr server.
Upon receiving notification, our engineering and support staff investigated the issue, replicated the vulnerability, and leveraged the information provided by the Apache Solr community in creating a detailed plan for mitigation.
On the evening of October 13, the team notified all customers of a maintenance window for mitigation of this exploit. During this maintenance window, the SearchStax team applied a fix as recommended by the Apache Solr community. This was sufficient to protect against this type of attack. During the October 13 maintenance window, all SearchStax Gold and above deployments were patched.
By October 23, all Silver customer deployments were patched.
We appreciate the work of Michael Stepankin from JPMorgan Chase and Olga Barinova from Gotham Digital Science in discovering the vulnerability and the larger Solr community in disclosing and providing a patch for the vulnerability. We will continue to endeavor to improve our internal processes in order to provide our customers with a secure and trusted platform.
Moving forward we have also certified Apache Solr Version 6.6.2 on SearchStax which includes a security fix for the zero-day exploit (CVE-2017-12629). If you would like to upgrade your deployment to this version of Solr, please email us at support@searchstax.com and we’d be happy to help.
The SearchStax Team