MiracleLinux 7 : tomcat-7.0.69-12.el7 (AXSA:2017-1748:02)

🗓️ 16 Jan 2026 00:00:00Reported by TenableType

MiracleLinux 7 Tomcat 7.0.69-12.el7 vulnerable to CVE-2017-5648 and CVE-2017-5664.

Reporter	Title	Published	Views	Family All 291
IBM Security Bulletins	Security Bulletin: Multiple Security Vulnerabilities in Apache Tomcat affect IBM Rational License Key Server Administration and Reporting Tool	17 Jun 201805:23	–	ibm
IBM Security Bulletins	Security Bulletin: Open Source Apache Tomcat Vulnerabilities affect Algo One - Core	15 Jun 201823:48	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in Apache Tomcat affects IBM Algo One - Counterparty Credit Risk (CVE-2017-5648)	15 Jun 201823:46	–	ibm
IBM Security Bulletins	Security Bulletin: Rational Build Forge Security Advisory (CVE-2016-8610, CVE-2017-6056, CVE-2017-5647, CVE-2017-5648)	17 Jun 201805:21	–	ibm
IBM Security Bulletins	Security Bulletin: Rational Test Control Panel in Rational Test Workbench and Rational Test Virtualization Server affected by Apache Tomcat vulnerability (CVE-2017-5664)	17 Jun 201805:24	–	ibm
IBM Security Bulletins	Security Bulletin: Security vulnerabilities in Apache Tomcat affect multiple IBM Rational products based on IBM's Jazz technology	28 Apr 202118:35	–	ibm
IBM Security Bulletins	Security Bulletin: Security vulnerabilities have been identified in Jazz Reporting Service shipped with Rational Reporting for Development Intelligence	17 Jun 201805:22	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Apache Tomcat might affect IBM Storage Defender Copy Data Management.	16 May 202519:24	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Security Guardium Big Data Intelligence (SonarG) is vulnerable to using Components with Known Vulnerabilities	16 Jun 201822:05	–	ibm
IBM Security Bulletins	Security Bulletin: Open Source Apache Tomcat vulnerabilities affect IBM Tivoli Application Dependency Discovery Manager (TADDM) (CVE-2017-5648, CVE-2017-5647)	17 Jun 201815:40	–	ibm

Source	Link
tsn	www.tsn.miraclelinux.com/en/node/8180
cve	www.cve.mitre.org/cgi-bin/cvename.cgi
cve	www.cve.mitre.org/cgi-bin/cvename.cgi

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# Miracle Linux Security Advisory AXSA:2017-1748:02.
##

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(289381);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/01/16");

  script_cve_id("CVE-2017-5648", "CVE-2017-5664");

  script_name(english:"MiracleLinux 7 : tomcat-7.0.69-12.el7 (AXSA:2017-1748:02)");

  script_set_attribute(attribute:"synopsis", value:
"The remote MiracleLinux host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the
AXSA:2017-1748:02 advisory.

    Tomcat is the servlet container that is used in the official Reference
    Implementation for the Java Servlet and JavaServer Pages technologies.
    The Java Servlet and JavaServer Pages specifications are developed by
    Sun under the Java Community Process.
    Tomcat is developed in an open and participatory environment and
    released under the Apache Software License version 2.0. Tomcat is intended
    to be a collaboration of the best-of-breed developers from around the world.
    Security issues fixed with this release:
    CVE-2017-5648
    While investigating bug 60718, it was noticed that some calls to
    application listeners in Apache Tomcat 9.0.0.M1 to 9.0.0.M17, 8.5.0 to
    8.5.11, 8.0.0.RC1 to 8.0.41, and 7.0.0 to 7.0.75 did not use the
    appropriate facade object. When running an untrusted application under
    a SecurityManager, it was therefore possible for that untrusted
    application to retain a reference to the request or response object
    and thereby access and/or modify information associated with another
    web application.
    CVE-2017-5664
    The error page mechanism of the Java Servlet Specification requires
    that, when an error occurs and an error page is configured for the
    error that occurred, the original request and response are forwarded
    to the error page. This means that the request is presented to the
    error page with the original HTTP method. If the error page is a
    static file, expected behaviour is to serve content of the file as if
    processing a GET request, regardless of the actual HTTP method. The
    Default Servlet in Apache Tomcat 9.0.0.M1 to 9.0.0.M20, 8.5.0 to
    8.5.14, 8.0.0.RC1 to 8.0.43 and 7.0.0 to 7.0.77 did not do this.
    Depending on the original request this could lead to unexpected and
    undesirable results for static error pages including, if the
    DefaultServlet is configured to permit writes, the replacement or
    removal of the custom error page. Notes for other user provided error
    pages: (1) Unless explicitly coded otherwise, JSPs ignore the HTTP
    method.  JSPs used as error pages must must ensure that they handle
    any error dispatch as a GET request, regardless of the actual method.
    (2) By default, the response generated by a Servlet does depend on
    the HTTP method.  Custom Servlets used as error pages must ensure
    that they handle any error dispatch as a GET request, regardless of
    the actual method.

Tenable has extracted the preceding description block directly from the MiracleLinux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://tsn.miraclelinux.com/en/node/8180");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2017-5648");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_set_attribute(attribute:"vendor_severity", value:"High");

  script_set_attribute(attribute:"vuln_publication_date", value:"2017/04/10");
  script_set_attribute(attribute:"patch_publication_date", value:"2017/07/27");
  script_set_attribute(attribute:"plugin_publication_date", value:"2026/01/16");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:tomcat");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:tomcat-admin-webapps");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:tomcat-el-2.2-api");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:tomcat-jsp-2.2-api");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:tomcat-lib");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:tomcat-servlet-3.0-api");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:miracle:linux:tomcat-webapps");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:miracle:linux:7");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Miracle Linux Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/MiracleLinux/release", "Host/MiracleLinux/rpm-list", "Host/cpu");

  exit(0);
}


include('rpm2.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_product = get_kb_item('installed_os/local/SSH/0/product');
if (isnull(os_product) || 'MIRACLE LINUX' >!< os_product) audit(AUDIT_OS_NOT, 'MIRACLE LINUX');
var os_version = get_kb_item('installed_os/local/SSH/0/version');
if (isnull(os_version)) audit(AUDIT_UNKNOWN_APP_VER, 'MIRACLE LINUX');
if (! preg(pattern:"^7([^0-9]|$)", string:os_version)) audit(AUDIT_OS_NOT, 'MiracleLinux 7.x', 'MIRACLE LINUX ' + os_version);

if (!get_kb_item('Host/MiracleLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('aarch64' >!< cpu && 'ppc' >!< cpu && 's390' >!< cpu && 'x86_64' >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'MIRACLE LINUX', cpu);

var constraints = [
  {
    'release': '7',
    'pkgs': [
      {'reference':'tomcat-7.0.69-12.el7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'tomcat-admin-webapps-7.0.69-12.el7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'tomcat-el-2.2-api-7.0.69-12.el7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'tomcat-jsp-2.2-api-7.0.69-12.el7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'tomcat-lib-7.0.69-12.el7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'tomcat-servlet-3.0-api-7.0.69-12.el7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'},
      {'reference':'tomcat-webapps-7.0.69-12.el7', 'rpm_spec_vers_cmp':TRUE, 'epoch':'0'}
    ]
  }
];

var os_release = get_one_kb_item('installed_os/local/SSH/0/release');
var os_sp = get_one_kb_item('Host/*/minor_release');

var flag = 0;
var reference;
var sp;
var _cpu;
var el_string;
var rpm_spec_vers_cmp;
var epoch;
var allowmaj;
var exists_check;
var cves;
foreach var constraint ( constraints ) {
  # Check that the target release is equal to the affected release
  if (!empty_or_null(constraint['release'])){
    if (constraint['release'] != os_release) continue;
  }
  if (!empty_or_null(constraint['sp'])){
    if (constraint['sp'] != os_sp) continue;
  }
  foreach var pkg ( constraint['pkgs'] ) {
    reference = NULL;
    sp = NULL;
    _cpu = NULL;
    el_string = NULL;
    rpm_spec_vers_cmp = NULL;
    epoch = NULL;
    allowmaj = NULL;
    exists_check = NULL;
    cves = NULL;
    if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];
    if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];
    if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];
    if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];
    if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];
    if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];
    if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];
    if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];
    if (!empty_or_null(pkg['cves'])) cves = pkg['cves'];
    if (reference &&
        ## (no known rpm to check OR known rpm_exists)
        (!exists_check || rpm_exists(rpm:exists_check)) &&
        rpm_check(sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, cves:cves)) flag++;
  }
}
if (flag)
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'tomcat / tomcat-admin-webapps / tomcat-el-2.2-api / etc');
}

16 Jan 2026 00:00Current

7.9High risk

Vulners AI Score7.9

CVSS 26.4

CVSS 39.1

EPSS0.21758