A bug impacting Apache Solr has been revised from low to high-severity after researchers discovered a new remote code execution exploit. The vulnerability (CVE-2019-12409) was first reported in July and patched in August. The flaw is the default configuration of the solr.in.sh file in Apache SolR. An unauthenticated attacker could leverage the vulnerability to upload malicious code to the server and then install a shell to further compromise the machine. The fix is relatively simple.
Source: https://threatpost.com/apache-solr-bug-gets-bumped-up-to-high-severity/150484/