← Retour aux CVEs
CVE-2017-12615
HIGHCISA KEV8.1
Description
When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.
Details CVE
Score CVSS v3.18.1
SeveriteHIGH
Vecteur CVSSCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Vecteur d'attaqueNETWORK
ComplexiteHIGH
Privileges requisNONE
Interaction utilisateurNONE
Publie9/19/2017
Derniere modification4/21/2026
Sourcekev
Observations honeypot0
CISA KEV
FournisseurApache
ProduitTomcat
Nom vulnerabiliteApache Tomcat on Windows Remote Code Execution Vulnerability
Date ajout KEV2022-03-25
Date limite remediation2022-04-15
Utilise dans ransomwareKnown
Produits affectes
apache:tomcatmicrosoft:windowsnetapp:7-mode_transition_toolnetapp:oncommand_balancenetapp:oncommand_shiftredhat:enterprise_linux_desktopredhat:enterprise_linux_eusredhat:enterprise_linux_eus_compute_noderedhat:enterprise_linux_for_ibm_z_systemsredhat:enterprise_linux_for_ibm_z_systems_eusredhat:enterprise_linux_for_power_big_endianredhat:enterprise_linux_for_power_big_endian_eusredhat:enterprise_linux_for_power_little_endianredhat:enterprise_linux_for_power_little_endian_eusredhat:enterprise_linux_for_scientific_computingredhat:enterprise_linux_serverredhat:enterprise_linux_server_ausredhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutionsredhat:enterprise_linux_server_tusredhat:enterprise_linux_server_update_services_for_sap_solutionsredhat:enterprise_linux_workstationredhat:jboss_enterprise_web_serverredhat:jboss_enterprise_web_server_text-only_advisories
Faiblesses (CWE)
CWE-434CWE-434
References
http://breaktoprotect.blogspot.com/2017/09/the-case-of-cve-2017-12615-tomcat-7-put.html(security@apache.org)
http://www.securityfocus.com/bid/100901(security@apache.org)
http://www.securitytracker.com/id/1039392(security@apache.org)
https://access.redhat.com/errata/RHSA-2017:3080(security@apache.org)
https://access.redhat.com/errata/RHSA-2017:3081(security@apache.org)
https://access.redhat.com/errata/RHSA-2017:3113(security@apache.org)
https://access.redhat.com/errata/RHSA-2017:3114(security@apache.org)
https://access.redhat.com/errata/RHSA-2018:0465(security@apache.org)
https://access.redhat.com/errata/RHSA-2018:0466(security@apache.org)
https://github.com/breaktoprotect/CVE-2017-12615(security@apache.org)
https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E(security@apache.org)
https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E(security@apache.org)
https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E(security@apache.org)
https://lists.apache.org/thread.html/8fcb1e2d5895413abcf266f011b9918ae03e0b7daceb118ffbf23f8c%40%3Cannounce.tomcat.apache.org%3E(security@apache.org)
https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E(security@apache.org)
https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E(security@apache.org)
https://security.netapp.com/advisory/ntap-20171018-0001/(security@apache.org)
https://www.exploit-db.com/exploits/42953/(security@apache.org)
https://www.synology.com/support/security/Synology_SA_17_54_Tomcat(security@apache.org)
http://breaktoprotect.blogspot.com/2017/09/the-case-of-cve-2017-12615-tomcat-7-put.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/100901(af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1039392(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2017:3080(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2017:3081(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2017:3113(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2017:3114(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2018:0465(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2018:0466(af854a3a-2127-422b-91ae-364da2661108)
https://github.com/breaktoprotect/CVE-2017-12615(af854a3a-2127-422b-91ae-364da2661108)
https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E(af854a3a-2127-422b-91ae-364da2661108)
https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E(af854a3a-2127-422b-91ae-364da2661108)
https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E(af854a3a-2127-422b-91ae-364da2661108)
https://lists.apache.org/thread.html/8fcb1e2d5895413abcf266f011b9918ae03e0b7daceb118ffbf23f8c%40%3Cannounce.tomcat.apache.org%3E(af854a3a-2127-422b-91ae-364da2661108)
https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E(af854a3a-2127-422b-91ae-364da2661108)
https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E(af854a3a-2127-422b-91ae-364da2661108)
https://security.netapp.com/advisory/ntap-20171018-0001/(af854a3a-2127-422b-91ae-364da2661108)
https://www.exploit-db.com/exploits/42953/(af854a3a-2127-422b-91ae-364da2661108)
https://www.synology.com/support/security/Synology_SA_17_54_Tomcat(af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-12615(134c704f-9b21-4f2e-91b3-4a467353bcc0)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.