gsd-2017-12615
Vulnerability from gsd
Modified
2023-12-13 01:21
Details
When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.
Aliases
Aliases



{
  "GSD": {
    "alias": "CVE-2017-12615",
    "description": "When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.",
    "id": "GSD-2017-12615",
    "references": [
      "https://www.suse.com/security/cve/CVE-2017-12615.html",
      "https://access.redhat.com/errata/RHSA-2018:0466",
      "https://access.redhat.com/errata/RHSA-2018:0465",
      "https://access.redhat.com/errata/RHSA-2017:3114",
      "https://access.redhat.com/errata/RHSA-2017:3113",
      "https://access.redhat.com/errata/RHSA-2017:3081",
      "https://access.redhat.com/errata/RHSA-2017:3080",
      "https://linux.oracle.com/cve/CVE-2017-12615.html",
      "https://packetstormsecurity.com/files/cve/CVE-2017-12615"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2017-12615"
      ],
      "details": "When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.",
      "id": "GSD-2017-12615",
      "modified": "2023-12-13T01:21:04.099469Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cisa.gov": {
      "cveID": "CVE-2017-12615",
      "dateAdded": "2022-03-25",
      "dueDate": "2022-04-15",
      "product": "Tomcat",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "When running Apache Tomcat on Windows with HTTP PUTs enabled, it is possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.",
      "vendorProject": "Apache",
      "vulnerabilityName": "Apache Tomcat on Windows Remote Code Execution Vulnerability"
    },
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@apache.org",
        "DATE_PUBLIC": "2017-09-19T00:00:00",
        "ID": "CVE-2017-12615",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Apache Tomcat",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "7.0.0 to 7.0.79"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Apache Software Foundation"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Remote Code Execution"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "RHSA-2017:3113",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2017:3113"
          },
          {
            "name": "RHSA-2017:3080",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2017:3080"
          },
          {
            "name": "1039392",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1039392"
          },
          {
            "name": "[announce] 20170919 [SECURITY] CVE-2017-12615 Apache Tomcat Remote Code Execution via JSP upload",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/8fcb1e2d5895413abcf266f011b9918ae03e0b7daceb118ffbf23f8c@%3Cannounce.tomcat.apache.org%3E"
          },
          {
            "name": "https://www.synology.com/support/security/Synology_SA_17_54_Tomcat",
            "refsource": "CONFIRM",
            "url": "https://www.synology.com/support/security/Synology_SA_17_54_Tomcat"
          },
          {
            "name": "RHSA-2018:0465",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2018:0465"
          },
          {
            "name": "http://breaktoprotect.blogspot.com/2017/09/the-case-of-cve-2017-12615-tomcat-7-put.html",
            "refsource": "MISC",
            "url": "http://breaktoprotect.blogspot.com/2017/09/the-case-of-cve-2017-12615-tomcat-7-put.html"
          },
          {
            "name": "RHSA-2017:3114",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2017:3114"
          },
          {
            "name": "100901",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/100901"
          },
          {
            "name": "RHSA-2018:0466",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2018:0466"
          },
          {
            "name": "42953",
            "refsource": "EXPLOIT-DB",
            "url": "https://www.exploit-db.com/exploits/42953/"
          },
          {
            "name": "https://security.netapp.com/advisory/ntap-20171018-0001/",
            "refsource": "CONFIRM",
            "url": "https://security.netapp.com/advisory/ntap-20171018-0001/"
          },
          {
            "name": "https://github.com/breaktoprotect/CVE-2017-12615",
            "refsource": "MISC",
            "url": "https://github.com/breaktoprotect/CVE-2017-12615"
          },
          {
            "name": "RHSA-2017:3081",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2017:3081"
          },
          {
            "name": "[tomcat-dev] 20190325 svn commit: r1856174 [22/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E"
          },
          {
            "name": "[tomcat-dev] 20190413 svn commit: r1857494 [16/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E"
          },
          {
            "name": "[tomcat-dev] 20190415 svn commit: r1857582 [17/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E"
          },
          {
            "name": "[announce] 20200131 Apache Software Foundation Security Report: 2019",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c@%3Cannounce.apache.org%3E"
          },
          {
            "name": "[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E"
          }
        ]
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "[7.0.0,7.0.79)",
          "affected_versions": "All versions starting from 7.0.0 before 7.0.79",
          "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "cvss_v3": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "cwe_ids": [
            "CWE-1035",
            "CWE-434",
            "CWE-78",
            "CWE-937"
          ],
          "date": "2021-09-16",
          "description": "When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.",
          "fixed_versions": [
            "7.0.79"
          ],
          "identifier": "CVE-2017-12615",
          "identifiers": [
            "GHSA-pjfr-qf3p-3q25",
            "CVE-2017-12615"
          ],
          "not_impacted": "All versions before 7.0.0, all versions starting from 7.0.79",
          "package_slug": "maven/org.apache.tomcat.embed/tomcat-embed-core",
          "pubdate": "2018-10-17",
          "solution": "Upgrade to version 7.0.79 or above.",
          "title": "Unrestricted Upload of File with Dangerous Type",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2017-12615",
            "https://access.redhat.com/errata/RHSA-2017:3080",
            "https://access.redhat.com/errata/RHSA-2017:3081",
            "https://access.redhat.com/errata/RHSA-2017:3113",
            "https://access.redhat.com/errata/RHSA-2017:3114",
            "https://access.redhat.com/errata/RHSA-2018:0465",
            "https://access.redhat.com/errata/RHSA-2018:0466",
            "https://github.com/advisories/GHSA-pjfr-qf3p-3q25",
            "https://github.com/breaktoprotect/CVE-2017-12615",
            "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E",
            "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E",
            "https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E",
            "https://lists.apache.org/thread.html/8fcb1e2d5895413abcf266f011b9918ae03e0b7daceb118ffbf23f8c@%3Cannounce.tomcat.apache.org%3E",
            "https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c@%3Cannounce.apache.org%3E",
            "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E",
            "https://security.netapp.com/advisory/ntap-20171018-0001/",
            "https://www.exploit-db.com/exploits/42953/",
            "https://www.synology.com/support/security/Synology_SA_17_54_Tomcat",
            "http://breaktoprotect.blogspot.com/2017/09/the-case-of-cve-2017-12615-tomcat-7-put.html",
            "http://www.securityfocus.com/bid/100901",
            "http://www.securitytracker.com/id/1039392"
          ],
          "uuid": "2a2e7bcc-71bf-4a70-802e-d35eab6fc19e"
        },
        {
          "affected_range": "[7.0,7.0.51],[7.0.54,7.0.77],[7.0.79]",
          "affected_versions": "All versions starting from 7.0 up to 7.0.51, all versions starting from 7.0.54 up to 7.0.77, version 7.0.79",
          "cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "cvss_v3": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "cwe_ids": [
            "CWE-1035",
            "CWE-434",
            "CWE-937"
          ],
          "date": "2019-04-15",
          "description": "When running Apache Tomcat on Windows with HTTP PUTs enabled, it is possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.",
          "fixed_versions": [
            "7.0.52",
            "7.0.78",
            "7.0.81"
          ],
          "identifier": "CVE-2017-12615",
          "identifiers": [
            "CVE-2017-12615"
          ],
          "not_impacted": "All versions before 7.0, all versions after 7.0.51 before 7.0.54, all versions after 7.0.77 before 7.0.79, all versions after 7.0.79",
          "package_slug": "maven/org.apache.tomcat/tomcat-catalina",
          "pubdate": "2017-09-19",
          "solution": "Upgrade to versions 7.0.52, 7.0.78, 7.0.81 or above.",
          "title": "Unrestricted Upload of File with Dangerous Type",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2017-12615",
            "http://www.securityfocus.com/bid/100901",
            "http://www.securitytracker.com/id/1039392"
          ],
          "uuid": "a8f001eb-f498-4ec7-997a-0c5cc4df7ae8"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.0:beta:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.5:beta:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.14:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.15:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.22:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.23:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.30:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.31:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.39:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.40:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.47:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.48:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.57:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.58:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.59:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.66:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.67:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.74:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.75:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.4:beta:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.12:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.13:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.20:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.21:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.28:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.29:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.37:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.38:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.45:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.46:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.55:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.56:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.64:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.65:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.72:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.73:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.2:beta:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.16:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.17:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.24:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.25:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.32:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.33:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.34:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.41:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.42:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.49:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.50:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.60:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.61:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.68:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.69:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.76:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.77:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.9:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.10:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.11:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.18:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.19:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.26:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.27:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.35:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.36:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.43:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.44:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.51:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.54:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.62:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.63:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.70:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.71:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.79:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security@apache.org",
          "ID": "CVE-2017-12615"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-434"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[announce] 20170919 [SECURITY] CVE-2017-12615 Apache Tomcat Remote Code Execution via JSP upload",
              "refsource": "MLIST",
              "tags": [
                "Issue Tracking",
                "Mailing List",
                "Vendor Advisory"
              ],
              "url": "https://lists.apache.org/thread.html/8fcb1e2d5895413abcf266f011b9918ae03e0b7daceb118ffbf23f8c@%3Cannounce.tomcat.apache.org%3E"
            },
            {
              "name": "1039392",
              "refsource": "SECTRACK",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securitytracker.com/id/1039392"
            },
            {
              "name": "100901",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/100901"
            },
            {
              "name": "42953",
              "refsource": "EXPLOIT-DB",
              "tags": [],
              "url": "https://www.exploit-db.com/exploits/42953/"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20171018-0001/",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://security.netapp.com/advisory/ntap-20171018-0001/"
            },
            {
              "name": "https://github.com/breaktoprotect/CVE-2017-12615",
              "refsource": "MISC",
              "tags": [],
              "url": "https://github.com/breaktoprotect/CVE-2017-12615"
            },
            {
              "name": "http://breaktoprotect.blogspot.com/2017/09/the-case-of-cve-2017-12615-tomcat-7-put.html",
              "refsource": "MISC",
              "tags": [],
              "url": "http://breaktoprotect.blogspot.com/2017/09/the-case-of-cve-2017-12615-tomcat-7-put.html"
            },
            {
              "name": "RHSA-2017:3114",
              "refsource": "REDHAT",
              "tags": [],
              "url": "https://access.redhat.com/errata/RHSA-2017:3114"
            },
            {
              "name": "RHSA-2017:3113",
              "refsource": "REDHAT",
              "tags": [],
              "url": "https://access.redhat.com/errata/RHSA-2017:3113"
            },
            {
              "name": "RHSA-2017:3081",
              "refsource": "REDHAT",
              "tags": [],
              "url": "https://access.redhat.com/errata/RHSA-2017:3081"
            },
            {
              "name": "RHSA-2017:3080",
              "refsource": "REDHAT",
              "tags": [],
              "url": "https://access.redhat.com/errata/RHSA-2017:3080"
            },
            {
              "name": "https://www.synology.com/support/security/Synology_SA_17_54_Tomcat",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://www.synology.com/support/security/Synology_SA_17_54_Tomcat"
            },
            {
              "name": "RHSA-2018:0466",
              "refsource": "REDHAT",
              "tags": [],
              "url": "https://access.redhat.com/errata/RHSA-2018:0466"
            },
            {
              "name": "RHSA-2018:0465",
              "refsource": "REDHAT",
              "tags": [],
              "url": "https://access.redhat.com/errata/RHSA-2018:0465"
            },
            {
              "name": "[tomcat-dev] 20190325 svn commit: r1856174 [22/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
              "refsource": "MLIST",
              "tags": [],
              "url": "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E"
            },
            {
              "name": "[tomcat-dev] 20190413 svn commit: r1857494 [16/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
              "refsource": "MLIST",
              "tags": [],
              "url": "https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E"
            },
            {
              "name": "[tomcat-dev] 20190415 svn commit: r1857582 [17/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
              "refsource": "MLIST",
              "tags": [],
              "url": "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E"
            },
            {
              "name": "[announce] 20200131 Apache Software Foundation Security Report: 2019",
              "refsource": "MLIST",
              "tags": [],
              "url": "https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c@%3Cannounce.apache.org%3E"
            },
            {
              "name": "[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/",
              "refsource": "MLIST",
              "tags": [],
              "url": "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 2.2,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2019-04-15T16:30Z",
      "publishedDate": "2017-09-19T13:29Z"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.