Lucene search

K
cveApacheCVE-2017-12617
HistoryOct 04, 2017 - 1:29 a.m.

CVE-2017-12617

2017-10-0401:29:02
CWE-434
apache
web.nvd.nist.gov
1199
In Wild
20
cve
apache tomcat
jsp
file upload
code execution
vulnerability
nvd

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS3

8.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

7.5

Confidence

High

EPSS

0.974

Percentile

100.0%

When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.

Affected configurations

Nvd
Vulners
Node
apachetomcatRange7.0.07.0.82
OR
apachetomcatRange8.08.0.47
OR
apachetomcatRange8.5.08.5.23
OR
apachetomcatRange9.0.09.0.1
Node
canonicalubuntu_linuxMatch12.04esm
OR
canonicalubuntu_linuxMatch16.04esm
OR
canonicalubuntu_linuxMatch17.10
OR
canonicalubuntu_linuxMatch18.04esm
Node
oracleagile_plmMatch9.3.3
OR
oracleagile_plmMatch9.3.4
OR
oracleagile_plmMatch9.3.5
OR
oracleagile_plmMatch9.3.6
OR
oraclecommunications_instant_messaging_serverMatch10.0.1
OR
oracleendeca_information_discovery_integratorMatch3.1.0
OR
oracleendeca_information_discovery_integratorMatch3.2.0
OR
oracleenterprise_manager_for_mysql_databaseMatch12.1.0.4.0
OR
oraclefinancial_services_analytical_applications_infrastructureRange7.3.3.0.07.3.5.3.0
OR
oraclefinancial_services_analytical_applications_infrastructureRange8.0.0.0.08.0.9.0.0
OR
oraclefmw_platformMatch12.2.1.2.0
OR
oraclefmw_platformMatch12.2.1.3.0
OR
oraclehealth_sciences_empirica_inspectionsMatch1.0.1.1
OR
oraclehospitality_guest_accessMatch4.2.0
OR
oraclehospitality_guest_accessMatch4.2.1
OR
oracleinstantis_enterprisetrackMatch17.1
OR
oracleinstantis_enterprisetrackMatch17.2
OR
oraclemanagement_packMatch11.2.1.0.13goldengate
OR
oraclemicros_lucasMatch2.9.5
OR
oraclemicros_retail_xbri_loss_preventionMatch10.0.1
OR
oraclemicros_retail_xbri_loss_preventionMatch10.5.0
OR
oraclemicros_retail_xbri_loss_preventionMatch10.6.0
OR
oraclemicros_retail_xbri_loss_preventionMatch10.7.0
OR
oraclemicros_retail_xbri_loss_preventionMatch10.8.0
OR
oraclemicros_retail_xbri_loss_preventionMatch10.8.1
OR
oraclemysql_enterprise_monitorRange3.3.6.3293
OR
oraclemysql_enterprise_monitorRange3.4.03.4.4.4226
OR
oraclemysql_enterprise_monitorRange4.0.04.0.0.5135
OR
oracleretail_advanced_inventory_planningMatch13.2
OR
oracleretail_advanced_inventory_planningMatch13.4
OR
oracleretail_advanced_inventory_planningMatch14.1
OR
oracleretail_advanced_inventory_planningMatch15.0
OR
oracleretail_back_officeMatch14.0.4
OR
oracleretail_back_officeMatch14.1.3
OR
oracleretail_central_officeMatch14.0.4
OR
oracleretail_central_officeMatch14.1.3
OR
oracleretail_convenience_and_fuel_pos_softwareMatch2.1.132
OR
oracleretail_eftlinkMatch1.1.124
OR
oracleretail_eftlinkMatch15.0.1
OR
oracleretail_eftlinkMatch16.0.2
OR
oracleretail_insightsMatch14.0
OR
oracleretail_insightsMatch14.1
OR
oracleretail_insightsMatch15.0
OR
oracleretail_insightsMatch16.0
OR
oracleretail_invoice_matchingMatch12.0
OR
oracleretail_invoice_matchingMatch13.0
OR
oracleretail_invoice_matchingMatch13.1
OR
oracleretail_invoice_matchingMatch13.2
OR
oracleretail_invoice_matchingMatch14.0
OR
oracleretail_invoice_matchingMatch14.1
OR
oracleretail_invoice_matchingMatch15.0
OR
oracleretail_invoice_matchingMatch16.0
OR
oracleretail_order_brokerMatch5.0
OR
oracleretail_order_brokerMatch5.1
OR
oracleretail_order_brokerMatch5.2
OR
oracleretail_order_brokerMatch15.0
OR
oracleretail_order_brokerMatch16.0
OR
oracleretail_order_management_systemMatch4.0
OR
oracleretail_order_management_systemMatch4.5
OR
oracleretail_order_management_systemMatch4.7
OR
oracleretail_order_management_systemMatch5.0
OR
oracleretail_point-of-serviceMatch14.0.4
OR
oracleretail_point-of-serviceMatch14.1.3
OR
oracleretail_price_managementMatch12.0
OR
oracleretail_price_managementMatch13.0
OR
oracleretail_price_managementMatch13.1
OR
oracleretail_price_managementMatch13.2
OR
oracleretail_price_managementMatch14.0
OR
oracleretail_price_managementMatch14.1
OR
oracleretail_price_managementMatch15.0
OR
oracleretail_price_managementMatch16.0
OR
oracleretail_returns_managementMatch2.3.8
OR
oracleretail_returns_managementMatch2.4.9
OR
oracleretail_returns_managementMatch14.0.4
OR
oracleretail_returns_managementMatch14.1.3
OR
oracleretail_store_inventory_managementMatch12.0.12
OR
oracleretail_store_inventory_managementMatch13.0.7
OR
oracleretail_store_inventory_managementMatch13.1.9
OR
oracleretail_store_inventory_managementMatch13.2.9
OR
oracleretail_store_inventory_managementMatch14.0.4
OR
oracleretail_store_inventory_managementMatch14.1.3
OR
oracleretail_store_inventory_managementMatch15.0.2
OR
oracleretail_store_inventory_managementMatch16.0.1
OR
oracleretail_xstore_point_of_serviceMatch6.0.11
OR
oracleretail_xstore_point_of_serviceMatch7.0.6
OR
oracleretail_xstore_point_of_serviceMatch7.1.6
OR
oracleretail_xstore_point_of_serviceMatch15.0.1
OR
oracletransportation_managementMatch6.3.1
OR
oracletransportation_managementMatch6.3.2
OR
oracletransportation_managementMatch6.3.3
OR
oracletransportation_managementMatch6.3.4
OR
oracletransportation_managementMatch6.3.5
OR
oracletransportation_managementMatch6.3.6
OR
oracletransportation_managementMatch6.3.7
OR
oracletuxedo_system_and_applications_monitorMatch12.1.3.0.0
OR
oraclewebcenter_sitesMatch11.1.1.8.0
OR
oracleworkload_managerMatch12.2.0.1
Node
debiandebian_linuxMatch7.0
Node
netappactive_iq_unified_managerRange7.3windows
OR
netappactive_iq_unified_managerRange9.5vmware_vsphere
OR
netapponcommand_balanceMatch-
OR
netapponcommand_insightMatch-
OR
netapponcommand_shiftMatch-
OR
netapponcommand_workflow_automationMatch-
OR
netappsnapcenterMatch-
OR
netappelementMatch-vcenter_server
Node
redhatfuseMatch1.0
OR
redhatjboss_enterprise_application_platformMatch6.0.0
OR
redhatjboss_enterprise_application_platformMatch6.4.0
OR
redhatjboss_enterprise_web_serverMatch2.0.0
OR
redhatjboss_enterprise_web_serverMatch3.0.0
OR
redhatjboss_enterprise_web_server_text-only_advisoriesMatch-
OR
redhatenterprise_linux_desktopMatch6.0
OR
redhatenterprise_linux_desktopMatch7.0
OR
redhatenterprise_linux_eusMatch7.4
OR
redhatenterprise_linux_eusMatch7.5
OR
redhatenterprise_linux_eusMatch7.6
OR
redhatenterprise_linux_eusMatch7.7
OR
redhatenterprise_linux_eus_compute_nodeMatch7.4
OR
redhatenterprise_linux_eus_compute_nodeMatch7.5
OR
redhatenterprise_linux_eus_compute_nodeMatch7.6
OR
redhatenterprise_linux_eus_compute_nodeMatch7.7
OR
redhatenterprise_linux_for_ibm_z_systemsMatch6.0_s390x
OR
redhatenterprise_linux_for_ibm_z_systemsMatch7.0_s390x
OR
redhatenterprise_linux_for_ibm_z_systems_eusMatch7.4_s390x
OR
redhatenterprise_linux_for_ibm_z_systems_eusMatch7.5_s390x
OR
redhatenterprise_linux_for_ibm_z_systems_eusMatch7.6_s390x
OR
redhatenterprise_linux_for_ibm_z_systems_eusMatch7.7_s390x
OR
redhatenterprise_linux_for_power_big_endianMatch6.0_ppc64
OR
redhatenterprise_linux_for_power_big_endianMatch7.0_ppc64
OR
redhatenterprise_linux_for_power_big_endian_eusMatch7.4_ppc64
OR
redhatenterprise_linux_for_power_big_endian_eusMatch7.5_ppc64
OR
redhatenterprise_linux_for_power_big_endian_eusMatch7.6_ppc64
OR
redhatenterprise_linux_for_power_big_endian_eusMatch7.7_ppc64
OR
redhatenterprise_linux_for_power_little_endianMatch7.0
OR
redhatenterprise_linux_for_power_little_endian_eusMatch7.4_ppc64le
OR
redhatenterprise_linux_for_power_little_endian_eusMatch7.5_ppc64le
OR
redhatenterprise_linux_for_power_little_endian_eusMatch7.6_ppc64le
OR
redhatenterprise_linux_for_power_little_endian_eusMatch7.7_ppc64le
OR
redhatenterprise_linux_serverMatch6.0
OR
redhatenterprise_linux_serverMatch7.0
OR
redhatenterprise_linux_server_ausMatch7.4
OR
redhatenterprise_linux_server_ausMatch7.6
OR
redhatenterprise_linux_server_ausMatch7.7
OR
redhatenterprise_linux_server_tusMatch7.4
OR
redhatenterprise_linux_server_tusMatch7.6
OR
redhatenterprise_linux_server_tusMatch7.7
OR
redhatenterprise_linux_workstationMatch6.0
OR
redhatenterprise_linux_workstationMatch7.0
VendorProductVersionCPE
apachetomcat*cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*
canonicalubuntu_linux12.04cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
canonicalubuntu_linux16.04cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
canonicalubuntu_linux17.10cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*
canonicalubuntu_linux18.04cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:esm:*:*:*
oracleagile_plm9.3.3cpe:2.3:a:oracle:agile_plm:9.3.3:*:*:*:*:*:*:*
oracleagile_plm9.3.4cpe:2.3:a:oracle:agile_plm:9.3.4:*:*:*:*:*:*:*
oracleagile_plm9.3.5cpe:2.3:a:oracle:agile_plm:9.3.5:*:*:*:*:*:*:*
oracleagile_plm9.3.6cpe:2.3:a:oracle:agile_plm:9.3.6:*:*:*:*:*:*:*
oraclecommunications_instant_messaging_server10.0.1cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1:*:*:*:*:*:*:*
Rows per page:
1-10 of 1511

CNA Affected

[
  {
    "product": "Apache Tomcat",
    "vendor": "Apache Software Foundation",
    "versions": [
      {
        "status": "affected",
        "version": "9.0.0.M1 to 9.0.0"
      },
      {
        "status": "affected",
        "version": "8.5.0 to 8.5.22"
      },
      {
        "status": "affected",
        "version": "8.0.0.RC1 to 8.0.46"
      },
      {
        "status": "affected",
        "version": "7.0.0 to 7.0.81"
      }
    ]
  }
]

References

Social References

More

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS3

8.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

7.5

Confidence

High

EPSS

0.974

Percentile

100.0%