CVE-2017-12615
KEV
🔴 Patch now
A vulnerability in Apache Tomcat allows remote code execution by uploading a JSP file.
CVSS
8.1
EPSS
94.2%
Exploit
weaponized
Vendor
redhat
Source description (NVD)
When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.
exploit
No patch
Sources and dates
| Source | Value |
|---|---|
| NVD – CVSS | 8.1 |
| CISA KEV (actively exploited) | Yes |
| FIRST EPSS (exploit probability) | 94.2% |
| Published (NVD) | 2017-09-19 13:29:00 UTC |
| Last modified (NVD) | 2026-04-21 17:04:04 UTC |
References
- http://breaktoprotect.blogspot.com/2017/09/the-case-of-cve-2017-12615-tomcat-7-put.html (security@apache.org) [Exploit]
- http://www.securityfocus.com/bid/100901 (security@apache.org) [Broken Link, Third Party Advisory, VDB Entry]
- http://www.securitytracker.com/id/1039392 (security@apache.org) [Broken Link, Third Party Advisory, VDB Entry]
- https://access.redhat.com/errata/RHSA-2017:3080 (security@apache.org) [Third Party Advisory]
- https://access.redhat.com/errata/RHSA-2017:3081 (security@apache.org) [Third Party Advisory]
- https://access.redhat.com/errata/RHSA-2017:3113 (security@apache.org) [Third Party Advisory]
- https://access.redhat.com/errata/RHSA-2017:3114 (security@apache.org) [Third Party Advisory]
- https://access.redhat.com/errata/RHSA-2018:0465 (security@apache.org) [Third Party Advisory]
- https://access.redhat.com/errata/RHSA-2018:0466 (security@apache.org) [Third Party Advisory]
- https://github.com/breaktoprotect/CVE-2017-12615 (security@apache.org) [Exploit, Third Party Advisory]
- https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E (security@apache.org) [Mailing List, Patch]
- https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E (security@apache.org) [Mailing List, Patch]
- https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E (security@apache.org) [Mailing List, Patch]
- https://lists.apache.org/thread.html/8fcb1e2d5895413abcf266f011b9918ae03e0b7daceb118ffbf23f8c%40%3Cannounce.tomcat.apache.org%3E (security@apache.org) [Issue Tracking, Mailing List]
- https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E (security@apache.org) [Mailing List]
- https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E (security@apache.org) [Mailing List, Patch]
- https://security.netapp.com/advisory/ntap-20171018-0001/ (security@apache.org) [Third Party Advisory]
- https://www.exploit-db.com/exploits/42953/ (security@apache.org) [Third Party Advisory, VDB Entry]
- https://www.synology.com/support/security/Synology_SA_17_54_Tomcat (security@apache.org) [Third Party Advisory]
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-12615 (134c704f-9b21-4f2e-91b3-4a467353bcc0) [US Government Resource]