Potential security risk if you use Solr together with an internet facing CMS

We recently stumbled upon a detailed article by Nicolas Grégoire on attacking Solr via SSRF. To summarise: if you think you are safe because your Solr is hidden behind another system, with only an HTTP server facing the web, you may have problems you had not thought about.

While reading this article, I was thinking about CMS systems with user management that are accessible from the web. They are a good fit for such attacks. The good news is that Solr 4.6 fixes this vulnerability. The bad news is that you need to migrate quickly if you want to sleep well 😉