TROYANOSYVIRUS

CVE-2017-12615

Severity: HIGH | CISA KEV | CVSS 8.1

Description

When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false), it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.
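The description names two preconditions: an affected 7.0.x build and a Default servlet whose readonly flag has been turned off. The Python below is an added example, not code from this page, from Apache or from NVD. It checks both preconditions against a constructed conf/web.xml (the weak setting beside the hardened one) and then scans a few constructed Tomcat access-log lines for PUT requests that would land JSP content. The trailing-slash and ::$DATA normalisation in the log check is an assumption about how a crafted upload path may appear in logs, not something the page states.

```python
"""CVE-2017-12615 exposure checks (added example; all inputs are constructed)."""
import re
import xml.etree.ElementTree as ET
from urllib.parse import unquote

AFFECTED_MIN = (7, 0, 0)
AFFECTED_MAX = (7, 0, 79)  # range given in the NVD description above
DEFAULT_SERVLET = "org.apache.catalina.servlets.DefaultServlet"

# Constructed conf/web.xml fragments: readonly=false enables PUT/DELETE.
VULNERABLE_WEB_XML = """<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee">
  <servlet>
    <servlet-name>default</servlet-name>
    <servlet-class>org.apache.catalina.servlets.DefaultServlet</servlet-class>
    <init-param><param-name>debug</param-name><param-value>0</param-value></init-param>
    <init-param><param-name>readonly</param-name><param-value>false</param-value></init-param>
  </servlet>
</web-app>"""

HARDENED_WEB_XML = """<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee">
  <servlet>
    <servlet-name>default</servlet-name>
    <servlet-class>org.apache.catalina.servlets.DefaultServlet</servlet-class>
    <init-param><param-name>debug</param-name><param-value>0</param-value></init-param>
    <init-param><param-name>readonly</param-name><param-value>true</param-value></init-param>
  </servlet>
</web-app>"""

# Constructed access-log lines in Tomcat's "common" pattern.
SAMPLE_LOG = [
    '203.0.113.7 - - [20/Sep/2017:10:15:32 +0000] "PUT /cmd.jsp/ HTTP/1.1" 201 -',
    '203.0.113.7 - - [20/Sep/2017:10:15:33 +0000] "GET /cmd.jsp?cmd=whoami HTTP/1.1" 200 512',
    '198.51.100.4 - - [20/Sep/2017:10:16:01 +0000] "PUT /upload/report.txt HTTP/1.1" 201 -',
    '203.0.113.9 - - [20/Sep/2017:10:17:45 +0000] "PUT /x.jsp::%24DATA HTTP/1.1" 201 -',
    '192.0.2.10 - - [20/Sep/2017:10:18:00 +0000] "GET /index.jsp HTTP/1.1" 200 2048',
]

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)


def version_affected(version: str) -> bool:
    """True if a Tomcat version string falls in 7.0.0..7.0.79 (this CVE's range)."""
    parts = tuple(int(p) for p in version.split(".")[:3])
    return AFFECTED_MIN <= parts <= AFFECTED_MAX


def _local(tag: str) -> str:
    """Strip an XML namespace prefix ("{ns}servlet" -> "servlet")."""
    return tag.rsplit("}", 1)[-1]


def default_servlet_is_writable(web_xml: str) -> bool:
    """True if the Default servlet is configured with readonly=false.

    Tomcat's Default servlet is read-only unless this init-param is set;
    that setting is what enables HTTP PUT against the document root.
    """
    root = ET.fromstring(web_xml)
    for servlet in root.iter():
        if _local(servlet.tag) != "servlet":
            continue
        cls = next((c.text or "" for c in servlet if _local(c.tag) == "servlet-class"), "")
        if cls.strip() != DEFAULT_SERVLET:
            continue
        for init_param in servlet:
            if _local(init_param.tag) != "init-param":
                continue
            kv = {_local(c.tag): (c.text or "").strip() for c in init_param}
            if kv.get("param-name") == "readonly" and kv.get("param-value", "").lower() == "false":
                return True
    return False


def suspicious_jsp_writes(log_lines):
    """Return (client_ip, logged_path, status) for PUTs that would land JSP content.

    Assumption: a crafted path may carry a trailing "/" or a "::$DATA" suffix
    (possibly URL-encoded); strip those before checking the extension.
    """
    hits = []
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m or m["method"] != "PUT":
            continue
        raw_path = m["path"]
        path = unquote(raw_path.split("?", 1)[0])
        normalised = re.sub(r"(/|::\$DATA)$", "", path, flags=re.IGNORECASE)
        if normalised.lower().endswith(".jsp"):
            hits.append((m["ip"], raw_path, int(m["status"])))
    return hits


if __name__ == "__main__":
    print("7.0.79 affected:", version_affected("7.0.79"))
    print("vulnerable web.xml writable:", default_servlet_is_writable(VULNERABLE_WEB_XML))
    print("hardened web.xml writable:", default_servlet_is_writable(HARDENED_WEB_XML))
    for ip, path, status in suspicious_jsp_writes(SAMPLE_LOG):
        print(f"suspicious PUT from {ip}: {path} -> {status}")
```

Point the audit at the real conf/web.xml and at the webapp's own WEB-INF/web.xml as well, since either can declare the Default servlet; a 201 on a PUT is the signal that the upload actually succeeded, and the subsequent GET of the same path (as in the sample) is the execution step worth alerting on.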

CVE Details

CVSS v3.1 score: 8.1
Severity: HIGH
CVSS vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack vector: NETWORK
Attack complexity: HIGH
Privileges required: NONE
User interaction: NONE
Published: 2017-09-19
Last modified: 2026-04-21
Source: kev
Honeypot sightings: 0

CISA KEV

Vendor: Apache
Product: Tomcat
Vulnerability name: Apache Tomcat on Windows Remote Code Execution Vulnerability
KEV date added: 2022-03-25
Due date: 2022-04-15
Known ransomware use: Known

Affected products

apache:tomcat
microsoft:windows
netapp:7-mode_transition_tool
netapp:oncommand_balance
netapp:oncommand_shift
redhat:enterprise_linux_desktop
redhat:enterprise_linux_eus
redhat:enterprise_linux_eus_compute_node
redhat:enterprise_linux_for_ibm_z_systems
redhat:enterprise_linux_for_ibm_z_systems_eus
redhat:enterprise_linux_for_power_big_endian
redhat:enterprise_linux_for_power_big_endian_eus
redhat:enterprise_linux_for_power_little_endian
redhat:enterprise_linux_for_power_little_endian_eus
redhat:enterprise_linux_for_scientific_computing
redhat:enterprise_linux_server
redhat:enterprise_linux_server_aus
redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions
redhat:enterprise_linux_server_tus
redhat:enterprise_linux_server_update_services_for_sap_solutions
redhat:enterprise_linux_workstation
redhat:jboss_enterprise_web_server
redhat:jboss_enterprise_web_server_text-only_advisories

Weaknesses (CWE)

CWE-434 (Unrestricted Upload of File with Dangerous Type)

References

http://www.securityfocus.com/bid/100901
http://www.securitytracker.com/id/1039392
https://access.redhat.com/errata/RHSA-2017:3080
https://access.redhat.com/errata/RHSA-2017:3081
https://access.redhat.com/errata/RHSA-2017:3113
https://access.redhat.com/errata/RHSA-2017:3114
https://access.redhat.com/errata/RHSA-2018:0465
https://access.redhat.com/errata/RHSA-2018:0466
https://github.com/breaktoprotect/CVE-2017-12615
https://security.netapp.com/advisory/ntap-20171018-0001/
https://www.exploit-db.com/exploits/42953/

IOC correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.