CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
99.8%
When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.
Vendor | Product | Version | CPE |
---|---|---|---|
apache | tomcat | * | cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:* |
microsoft | windows | - | cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* |
netapp | 7-mode_transition_tool | - | cpe:2.3:a:netapp:7-mode_transition_tool:-:*:*:*:*:*:*:* |
netapp | oncommand_balance | - | cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:* |
netapp | oncommand_shift | - | cpe:2.3:a:netapp:oncommand_shift:-:*:*:*:*:*:*:* |
redhat | enterprise_linux_server_update_services_for_sap_solutions | 7.4 | cpe:2.3:a:redhat:enterprise_linux_server_update_services_for_sap_solutions:7.4:*:*:*:*:*:*:* |
redhat | enterprise_linux_server_update_services_for_sap_solutions | 7.6 | cpe:2.3:a:redhat:enterprise_linux_server_update_services_for_sap_solutions:7.6:*:*:*:*:*:*:* |
redhat | enterprise_linux_server_update_services_for_sap_solutions | 7.7 | cpe:2.3:a:redhat:enterprise_linux_server_update_services_for_sap_solutions:7.7:*:*:*:*:*:*:* |
redhat | jboss_enterprise_web_server | 2.0.0 | cpe:2.3:a:redhat:jboss_enterprise_web_server:2.0.0:*:*:*:*:*:*:* |
redhat | jboss_enterprise_web_server | 3.0.0 | cpe:2.3:a:redhat:jboss_enterprise_web_server:3.0.0:*:*:*:*:*:*:* |
breaktoprotect.blogspot.com/2017/09/the-case-of-cve-2017-12615-tomcat-7-put.html
www.securityfocus.com/bid/100901
www.securitytracker.com/id/1039392
access.redhat.com/errata/RHSA-2017:3080
access.redhat.com/errata/RHSA-2017:3081
access.redhat.com/errata/RHSA-2017:3113
access.redhat.com/errata/RHSA-2017:3114
access.redhat.com/errata/RHSA-2018:0465
access.redhat.com/errata/RHSA-2018:0466
github.com/breaktoprotect/CVE-2017-12615
lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E
lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E
lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E
lists.apache.org/thread.html/8fcb1e2d5895413abcf266f011b9918ae03e0b7daceb118ffbf23f8c%40%3Cannounce.tomcat.apache.org%3E
lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E
lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E
security.netapp.com/advisory/ntap-20171018-0001/
www.exploit-db.com/exploits/42953/
www.synology.com/support/security/Synology_SA_17_54_Tomcat
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
99.8%