How to remediate CVE-2022-39135 on-prem server/cluster

Article ID: 285341

Products

Carbon Black EDR (formerly Cb Response)

Issue/Introduction

Environment

  • EDR Server:  All supported versions
  • Standalone Server or Cluster

Resolution

  1. Stop the EDR cluster/server
  2. Edit /etc/cb/solr/core_conf/cbalerts/solrconfig.xml.template
  3. Locate the first "requestHandler" entry, and insert the following line above it:
     <requestHandler name="/sql" class="solr.NotFoundRequestHandler"/>
  4. Repeat step 3 for solrconfig.xml.template in the following additional directories:
     /etc/cb/solr/core_conf/cbfeeds/conf/solrconfig.xml.template
     /etc/cb/solr/core_conf/cbmodules/conf/solrconfig.xml.template
     /etc/cb/solr/core_conf/configsets/cbevents_v2/conf/solrconfig.xml.template
     /etc/cb/solr/core_conf/configsets/cbevents_v1/conf/solrconfig.xml.template
     /etc/cb/solr/core_conf/configsets/cbevents_v0/conf/solrconfig.xml.template
  5. Start the server/cluster
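The steps above are manual edits to six files on every node. The script below is an added example, not Carbon Black's own tooling, that performs steps 3 and 4 for the file list given in this article and then checks the result: it inserts the /sql override once, directly above the first "requestHandler" entry, skips files that already contain it, and verifies that the override is the first requestHandler in the file. Run it between stopping (step 1) and starting (step 5) the server or cluster. The function names, the --apply flag and the verification logic are this example's own assumptions.

```shell
#!/bin/sh
# Added example (not Carbon Black's own code): disable Solr's /sql request
# handler in each solrconfig.xml.template listed in the article, idempotently.
# Constructed for this page; run with --apply on a stopped EDR node.

SQL_HANDLER='<requestHandler name="/sql" class="solr.NotFoundRequestHandler"/>'

# Insert the override above the first <requestHandler ...> line of one file.
# Returns 0 on success or if already present, 1 if the file is missing or
# has no requestHandler entry to anchor on (nothing is written in that case).
disable_sql_handler() {
    file="$1"
    [ -f "$file" ] || { echo "missing: $file" >&2; return 1; }
    if grep -q 'name="/sql"' "$file"; then
        echo "already present: $file"
        return 0
    fi
    grep -q '<requestHandler' "$file" || { echo "no requestHandler in $file" >&2; return 1; }
    tmp="$file.tmp.$$"
    # awk: emit the override once, just before the first <requestHandler line
    awk -v line="$SQL_HANDLER" '
        !done && /<requestHandler/ { print line; done = 1 }
        { print }
    ' "$file" > "$tmp" && mv "$tmp" "$file"
    echo "patched: $file"
}

# Verify the override exists and is the first requestHandler in the file.
# Prints its line number; returns 1 if it is absent or placed after another handler.
verify_sql_handler() {
    file="$1"
    override=$(grep -n 'name="/sql"' "$file" | head -n1 | cut -d: -f1)
    [ -n "$override" ] || return 1
    first=$(grep -n '<requestHandler' "$file" | head -n1 | cut -d: -f1)
    [ "$override" = "$first" ] || return 1
    echo "$override"
}

# File list copied from the article (step 2 plus the step 4 directories).
main() {
    rc=0
    for f in \
        /etc/cb/solr/core_conf/cbalerts/solrconfig.xml.template \
        /etc/cb/solr/core_conf/cbfeeds/conf/solrconfig.xml.template \
        /etc/cb/solr/core_conf/cbmodules/conf/solrconfig.xml.template \
        /etc/cb/solr/core_conf/configsets/cbevents_v2/conf/solrconfig.xml.template \
        /etc/cb/solr/core_conf/configsets/cbevents_v1/conf/solrconfig.xml.template \
        /etc/cb/solr/core_conf/configsets/cbevents_v0/conf/solrconfig.xml.template
    do
        disable_sql_handler "$f" && verify_sql_handler "$f" >/dev/null || rc=1
    done
    return $rc
}

# Only touch the real files when explicitly asked (assumed flag).
if [ "${1:-}" = "--apply" ]; then
    main
fi
```

The script deliberately touches only solrconfig.xml.template files and never /etc/cb/solr/solr.xml.template, matching the caution in Additional Information. A non-zero exit from main means at least one listed file was missing or could not be verified, which is the cue to inspect that node by hand before restarting.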

Additional Information

  • For a cluster environment, this should be applied to the Primary server and all Secondary servers.
  • By default, the installers configure Solr in "standard mode", which is not impacted by CVE-2022-39135.
  • Be careful and DO NOT edit the solr.xml.template at the root Solr location, i.e. /etc/cb/solr. Add the line only in the individual folders' solrconfig.xml.template. Note that these files have different names: solr.xml.template vs solrconfig.xml.template. Only solrconfig.xml.template should be updated.
  • By default, Solr will only forward requests to the /sql handler if Solr is in "CloudMode", and our installers do not configure Solr in cloud mode. The following message is therefore presented regardless of the remediation steps (and CVE-2022-39135 cannot be exploited):
"EXCEPTION":"/sql handler only works in Solr Cloud mode",