CVE-2017-12615 — HIGH (8.1)

Q: How severe is CVE-2017-12615?

CVE-2017-12615 has been rated HIGH with a CVSS base score of 8.1/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2017-12615?

Check the references section above for vendor advisories and patch information. Affected products include: Apache Tomcat, Microsoft Windows, Netapp 7-Mode Transition Tool, Netapp Oncommand Balance, Netapp Oncommand Shift.

Vulnerability Description

When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.

CVSS Score

8.1

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Apache	Tomcat	>= 7.0.0, <= 7.0.79
Microsoft	Windows	-
Netapp	7-Mode Transition Tool	-
Netapp	Oncommand Balance	-
Netapp	Oncommand Shift	-
Redhat	Enterprise Linux Server Update Services For Sap Solutions	7.4
Redhat	Jboss Enterprise Web Server	2.0.0
Redhat	Jboss Enterprise Web Server Text-Only Advisories	-
Redhat	Enterprise Linux Desktop	6.0
Redhat	Enterprise Linux Eus	7.4
Redhat	Enterprise Linux Eus Compute Node	7.4
Redhat	Enterprise Linux For Ibm Z Systems	7.0_s390x
Redhat	Enterprise Linux For Ibm Z Systems Eus	7.4_s390x
Redhat	Enterprise Linux For Power Big Endian	7.0_ppc64
Redhat	Enterprise Linux For Power Big Endian Eus	7.4_ppc64
Redhat	Enterprise Linux For Power Little Endian	7.0_ppc64le
Redhat	Enterprise Linux For Power Little Endian Eus	7.4_ppc64le
Redhat	Enterprise Linux For Scientific Computing	7.0
Redhat	Enterprise Linux Server	6.0
Redhat	Enterprise Linux Server Aus	7.4

Related Weaknesses (CWE)

CWE-434

References

http://breaktoprotect.blogspot.com/2017/09/the-case-of-cve-2017-12615-tomcat-7-pExploit
http://www.securityfocus.com/bid/100901Broken LinkThird Party AdvisoryVDB Entry
http://www.securitytracker.com/id/1039392Broken LinkThird Party AdvisoryVDB Entry
https://access.redhat.com/errata/RHSA-2017:3080Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:3081Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:3113Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:3114Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:0465Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:0466Third Party Advisory
https://github.com/breaktoprotect/CVE-2017-12615ExploitThird Party Advisory
https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3cMailing ListPatch
https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f9Mailing ListPatch
https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85Mailing ListPatch
https://lists.apache.org/thread.html/8fcb1e2d5895413abcf266f011b9918ae03e0b7daceIssue TrackingMailing List
https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0Mailing List

FAQ

What is CVE-2017-12615?

CVE-2017-12615 is a vulnerability with a CVSS score of 8.1 (HIGH). When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default to false) it was possible to upload a JSP file to th...

How severe is CVE-2017-12615?

CVE-2017-12615 has been rated HIGH with a CVSS base score of 8.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2017-12615?

Check the references section above for vendor advisories and patch information. Affected products include: Apache Tomcat, Microsoft Windows, Netapp 7-Mode Transition Tool, Netapp Oncommand Balance, Netapp Oncommand Shift.