CVE-2017-12615

When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.1 HIGH
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
apacheCNA
---
---
CVEADP
---
---
CISA-ADPADP
8.1 HIGH
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 99%
VendorProductVersion
apachetomcat
7.0.0 ≤
𝑥
≤ 7.0.79
netapp7-mode_transition_tool
-
netapponcommand_balance
-
netapponcommand_shift
-
redhatenterprise_linux_server_update_services_for_sap_solutions
7.4
redhatenterprise_linux_server_update_services_for_sap_solutions
7.6
redhatenterprise_linux_server_update_services_for_sap_solutions
7.7
redhatjboss_enterprise_web_server
2.0.0
redhatjboss_enterprise_web_server
3.0.0
redhatjboss_enterprise_web_server_text-only_advisories
-
redhatenterprise_linux_desktop
6.0
redhatenterprise_linux_desktop
7.0
redhatenterprise_linux_eus
7.4
redhatenterprise_linux_eus
7.5
redhatenterprise_linux_eus
7.6
redhatenterprise_linux_eus
7.7
redhatenterprise_linux_eus_compute_node
7.4
redhatenterprise_linux_eus_compute_node
7.5
redhatenterprise_linux_eus_compute_node
7.6
redhatenterprise_linux_eus_compute_node
7.7
redhatenterprise_linux_for_ibm_z_systems
7.0_s390x:_s390x
redhatenterprise_linux_for_ibm_z_systems_eus
7.4_s390x:_s390x
redhatenterprise_linux_for_ibm_z_systems_eus
7.5_s390x:_s390x
redhatenterprise_linux_for_ibm_z_systems_eus
7.6_s390x:_s390x
redhatenterprise_linux_for_ibm_z_systems_eus
7.7_s390x:_s390x
redhatenterprise_linux_for_power_big_endian
7.0_ppc64:_ppc64
redhatenterprise_linux_for_power_big_endian_eus
7.4_ppc64:_ppc64
redhatenterprise_linux_for_power_big_endian_eus
7.5_ppc64:_ppc64
redhatenterprise_linux_for_power_big_endian_eus
7.6_ppc64:_ppc64
redhatenterprise_linux_for_power_big_endian_eus
7.7_ppc64:_ppc64
redhatenterprise_linux_for_power_little_endian
7.0_ppc64le:_ppc64le
redhatenterprise_linux_for_power_little_endian_eus
7.4_ppc64le:_ppc64le
redhatenterprise_linux_for_power_little_endian_eus
7.5_ppc64le:_ppc64le
redhatenterprise_linux_for_power_little_endian_eus
7.6_ppc64le:_ppc64le
redhatenterprise_linux_for_power_little_endian_eus
7.7_ppc64le:_ppc64le
redhatenterprise_linux_for_scientific_computing
7.0
redhatenterprise_linux_server
6.0
redhatenterprise_linux_server
7.0
redhatenterprise_linux_server_aus
7.4
redhatenterprise_linux_server_aus
7.6
redhatenterprise_linux_server_aus
7.7
redhatenterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions
7.4_ppc64le:_ppc64le
redhatenterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions
7.6_ppc64le:_ppc64le
redhatenterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions
7.7_ppc64le:_ppc64le
redhatenterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions
9.2_ppc64le:_ppc64le
redhatenterprise_linux_server_tus
7.4
redhatenterprise_linux_server_tus
7.6
redhatenterprise_linux_server_tus
7.7
redhatenterprise_linux_workstation
6.0
redhatenterprise_linux_workstation
7.0
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
tomcat7
zesty
not-affected
xenial
not-affected
trusty
not-affected
Common Weakness Enumeration
References
http://breaktoprotect.blogspot.com/2017/09/the-case-of-cve-2017-12615-tomcat-7-put.html
http://www.securityfocus.com/bid/100901
http://www.securitytracker.com/id/1039392
https://access.redhat.com/errata/RHSA-2017:3080
https://access.redhat.com/errata/RHSA-2017:3081
https://access.redhat.com/errata/RHSA-2017:3113
https://access.redhat.com/errata/RHSA-2017:3114
https://access.redhat.com/errata/RHSA-2018:0465
https://access.redhat.com/errata/RHSA-2018:0466
https://github.com/breaktoprotect/CVE-2017-12615
https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/8fcb1e2d5895413abcf266f011b9918ae03e0b7daceb118ffbf23f8c%40%3Cannounce.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E
https://security.netapp.com/advisory/ntap-20171018-0001/
https://www.exploit-db.com/exploits/42953/
https://www.synology.com/support/security/Synology_SA_17_54_Tomcat
http://breaktoprotect.blogspot.com/2017/09/the-case-of-cve-2017-12615-tomcat-7-put.html
http://www.securityfocus.com/bid/100901
http://www.securitytracker.com/id/1039392
https://access.redhat.com/errata/RHSA-2017:3080
https://access.redhat.com/errata/RHSA-2017:3081
https://access.redhat.com/errata/RHSA-2017:3113
https://access.redhat.com/errata/RHSA-2017:3114
https://access.redhat.com/errata/RHSA-2018:0465
https://access.redhat.com/errata/RHSA-2018:0466
https://github.com/breaktoprotect/CVE-2017-12615
https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/8fcb1e2d5895413abcf266f011b9918ae03e0b7daceb118ffbf23f8c%40%3Cannounce.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E
https://security.netapp.com/advisory/ntap-20171018-0001/
https://www.exploit-db.com/exploits/42953/
https://www.synology.com/support/security/Synology_SA_17_54_Tomcat