← Back to CVEs
CVE-2017-12615
HIGHCISA KEV8.1
Description
When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.
CVE Details
CVSS v3.1 Score8.1
SeverityHIGH
CVSS VectorCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack VectorNETWORK
ComplexityHIGH
Privileges RequiredNONE
User InteractionNONE
Published9/19/2017
Last Modified4/21/2026
Sourcekev
Honeypot Sightings0
CISA KEV
VendorApache
ProductTomcat
Vulnerability NameApache Tomcat on Windows Remote Code Execution Vulnerability
KEV Date Added2022-03-25
Remediation Due Date2022-04-15
Ransomware UseKnown
Affected Products
apache:tomcatmicrosoft:windowsnetapp:7-mode_transition_toolnetapp:oncommand_balancenetapp:oncommand_shiftredhat:enterprise_linux_desktopredhat:enterprise_linux_eusredhat:enterprise_linux_eus_compute_noderedhat:enterprise_linux_for_ibm_z_systemsredhat:enterprise_linux_for_ibm_z_systems_eusredhat:enterprise_linux_for_power_big_endianredhat:enterprise_linux_for_power_big_endian_eusredhat:enterprise_linux_for_power_little_endianredhat:enterprise_linux_for_power_little_endian_eusredhat:enterprise_linux_for_scientific_computingredhat:enterprise_linux_serverredhat:enterprise_linux_server_ausredhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutionsredhat:enterprise_linux_server_tusredhat:enterprise_linux_server_update_services_for_sap_solutionsredhat:enterprise_linux_workstationredhat:jboss_enterprise_web_serverredhat:jboss_enterprise_web_server_text-only_advisories
Weaknesses (CWE)
CWE-434CWE-434
References
http://breaktoprotect.blogspot.com/2017/09/the-case-of-cve-2017-12615-tomcat-7-put.html(security@apache.org)
http://www.securityfocus.com/bid/100901(security@apache.org)
http://www.securitytracker.com/id/1039392(security@apache.org)
https://access.redhat.com/errata/RHSA-2017:3080(security@apache.org)
https://access.redhat.com/errata/RHSA-2017:3081(security@apache.org)
https://access.redhat.com/errata/RHSA-2017:3113(security@apache.org)
https://access.redhat.com/errata/RHSA-2017:3114(security@apache.org)
https://access.redhat.com/errata/RHSA-2018:0465(security@apache.org)
https://access.redhat.com/errata/RHSA-2018:0466(security@apache.org)
https://github.com/breaktoprotect/CVE-2017-12615(security@apache.org)
https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E(security@apache.org)
https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E(security@apache.org)
https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E(security@apache.org)
https://lists.apache.org/thread.html/8fcb1e2d5895413abcf266f011b9918ae03e0b7daceb118ffbf23f8c%40%3Cannounce.tomcat.apache.org%3E(security@apache.org)
https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E(security@apache.org)
https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E(security@apache.org)
https://security.netapp.com/advisory/ntap-20171018-0001/(security@apache.org)
https://www.exploit-db.com/exploits/42953/(security@apache.org)
https://www.synology.com/support/security/Synology_SA_17_54_Tomcat(security@apache.org)
http://breaktoprotect.blogspot.com/2017/09/the-case-of-cve-2017-12615-tomcat-7-put.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/100901(af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1039392(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2017:3080(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2017:3081(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2017:3113(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2017:3114(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2018:0465(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2018:0466(af854a3a-2127-422b-91ae-364da2661108)
https://github.com/breaktoprotect/CVE-2017-12615(af854a3a-2127-422b-91ae-364da2661108)
https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E(af854a3a-2127-422b-91ae-364da2661108)
https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E(af854a3a-2127-422b-91ae-364da2661108)
https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E(af854a3a-2127-422b-91ae-364da2661108)
https://lists.apache.org/thread.html/8fcb1e2d5895413abcf266f011b9918ae03e0b7daceb118ffbf23f8c%40%3Cannounce.tomcat.apache.org%3E(af854a3a-2127-422b-91ae-364da2661108)
https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E(af854a3a-2127-422b-91ae-364da2661108)
https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E(af854a3a-2127-422b-91ae-364da2661108)
https://security.netapp.com/advisory/ntap-20171018-0001/(af854a3a-2127-422b-91ae-364da2661108)
https://www.exploit-db.com/exploits/42953/(af854a3a-2127-422b-91ae-364da2661108)
https://www.synology.com/support/security/Synology_SA_17_54_Tomcat(af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-12615(134c704f-9b21-4f2e-91b3-4a467353bcc0)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.