CVE-2017-3164 SSRF issue in Apache Solr
Vendor: The Apache Software Foundation
Apache Solr versions from 1.3 to 7.6.0
The "shards" parameter does not have a corresponding whitelist mechanism,
so it can request any URL.
Upgrade to Apache Solr 7.7.0 or later.
Ensure your network settings are configured so that only trusted traffic is
allowed to ingress/egress your hosts running Solr.
dk from Chaitin Tech