8.1

CVE-2017-12615

Warnung
Exploit
When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ApacheTomcat Version >= 7.0.0 <= 7.0.79
   MicrosoftWindows Version-
NetappOncommand Balance Version-
NetappOncommand Shift Version-
RedhatEnterprise Linux Eus Version7.4
RedhatEnterprise Linux Eus Version7.5
RedhatEnterprise Linux Eus Version7.6
RedhatEnterprise Linux Eus Version7.7

25.03.2022: CISA Known Exploited Vulnerabilities (KEV) Catalog

Apache Tomcat on Windows Remote Code Execution Vulnerability

Schwachstelle

When running Apache Tomcat on Windows with HTTP PUTs enabled, it is possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.

Beschreibung

Apply updates per vendor instructions.

Erforderliche Maßnahmen
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 99.61% 0.999
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 8.1 2.2 5.9
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 6.8 8.6 6.4
AV:N/AC:M/Au:N/C:P/I:P/A:P
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.1 2.2 5.9
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE-434 Unrestricted Upload of File with Dangerous Type

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E
Patch
Mailing List
https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E
Patch
Mailing List
https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E
Patch
Mailing List
https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E
Patch
Mailing List
https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E
Mailing List
https://access.redhat.com/errata/RHSA-2017:3113
Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:3114
Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:3080
Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:3081
Third Party Advisory
http://breaktoprotect.blogspot.com/2017/09/the-case-of-cve-2017-12615-tomcat-7-put.html
Exploit
http://www.securityfocus.com/bid/100901
Third Party Advisory
Broken Link
VDB Entry
http://www.securitytracker.com/id/1039392
Third Party Advisory
Broken Link
VDB Entry
https://access.redhat.com/errata/RHSA-2018:0465
Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:0466
Third Party Advisory
https://github.com/breaktoprotect/CVE-2017-12615
Third Party Advisory
Exploit
https://lists.apache.org/thread.html/8fcb1e2d5895413abcf266f011b9918ae03e0b7daceb118ffbf23f8c%40%3Cannounce.tomcat.apache.org%3E
Mailing List
Issue Tracking
https://security.netapp.com/advisory/ntap-20171018-0001/
Third Party Advisory
https://www.exploit-db.com/exploits/42953/
Third Party Advisory
VDB Entry
https://www.synology.com/support/security/Synology_SA_17_54_Tomcat
Third Party Advisory
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-12615
US Government Resource