CVE-2017-12617

🗓️ 03 Jul 2021 23:30:26Reported by redhat.comType

redhatcve

redhatcve🔗 access.redhat.com👁 130 Views

A Tomcat vulnerability allows code execution via uploaded JSP fil

Reporter	Title	Published	Views	Family All 276
Gitee	Exploit for Unrestricted Upload of File with Dangerous Type in Apache Tomcat	16 May 202116:14	–	gitee
Gitee	Exploit for Unrestricted Upload of File with Dangerous Type in Apache Tomcat	7 Oct 202017:01	–	gitee
Gitee	Exploit for Deserialization of Untrusted Data in Redhat Jboss_Enterprise_Application_Platform	8 Dec 202020:38	–	gitee
Gitee	Exploit for Unrestricted Upload of File with Dangerous Type in Apache Tomcat	27 Apr 202114:33	–	gitee
Gitee	Exploit for Deserialization of Untrusted Data in Redhat Jboss_Enterprise_Application_Platform	6 May 202015:20	–	gitee
Gitee	Exploit for Unrestricted Upload of File with Dangerous Type in Apache Tomcat	6 Jul 202503:24	–	gitee
Gitee	Exploit for Argument Injection in Phpmailer_Project Phpmailer	5 Dec 201914:28	–	gitee
Gitee	Exploit for Unrestricted Upload of File with Dangerous Type in Apache Tomcat	22 Oct 202115:45	–	gitee
IBM Security Bulletins	Security Bulletin: Multiple Security Vulnerabilities in Apache Tomcat affect IBM Rational License Key Server Administration and Reporting Tool	17 Jun 201805:23	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities have been identified in Jazz Reporting Service shipped with Rational Insight (CVE-2017-12615, CVE-2017-12616, CVE-2017-12617)	17 Jun 201805:23	–	ibm

Source	Link
tomcat	www.tomcat.apache.org/security-7.htmlhttps://tomcat.apache.org/security-8.html
bugzilla	www.bugzilla.redhat.com/show_bug.cgi

25 Jun 2022 06:28Current

1.8Low risk

Vulners AI Score1.8

CVSS 26.8

CVSS 3.18.1

CVSS 38.1

EPSS0.9438

tomcat vulnerability code execution jsp file servlet context