First published: Tue Sep 19 2017(Updated: )
A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution.
Credit: security@apache.org security@apache.org
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/tomcat6 | <0:6.0.24-111.el6_9 | 0:6.0.24-111.el6_9 |
redhat/tomcat | <0:7.0.76-3.el7_4 | 0:7.0.76-3.el7_4 |
redhat/httpd | <0:2.2.26-57.ep6.el6 | 0:2.2.26-57.ep6.el6 |
redhat/jbcs-httpd24-openssl | <1:1.0.2h-14.jbcs.el6 | 1:1.0.2h-14.jbcs.el6 |
redhat/tomcat6 | <0:6.0.41-19_patch_04.ep6.el6 | 0:6.0.41-19_patch_04.ep6.el6 |
redhat/tomcat7 | <0:7.0.54-28_patch_05.ep6.el6 | 0:7.0.54-28_patch_05.ep6.el6 |
redhat/httpd22 | <0:2.2.26-58.ep6.el7 | 0:2.2.26-58.ep6.el7 |
redhat/jbcs-httpd24-openssl | <1:1.0.2h-14.jbcs.el7 | 1:1.0.2h-14.jbcs.el7 |
redhat/tomcat6 | <0:6.0.41-19_patch_04.ep6.el7 | 0:6.0.41-19_patch_04.ep6.el7 |
redhat/tomcat7 | <0:7.0.54-28_patch_05.ep6.el7 | 0:7.0.54-28_patch_05.ep6.el7 |
redhat/tomcat7 | <0:7.0.70-25.ep7.el6 | 0:7.0.70-25.ep7.el6 |
redhat/tomcat8 | <0:8.0.36-29.ep7.el6 | 0:8.0.36-29.ep7.el6 |
redhat/tomcat-native | <0:1.2.8-11.redhat_11.ep7.el6 | 0:1.2.8-11.redhat_11.ep7.el6 |
redhat/tomcat-vault | <0:1.1.6-1.Final_redhat_1.1.ep7.el6 | 0:1.1.6-1.Final_redhat_1.1.ep7.el6 |
redhat/tomcat7 | <0:7.0.70-25.ep7.el7 | 0:7.0.70-25.ep7.el7 |
redhat/tomcat8 | <0:8.0.36-29.ep7.el7 | 0:8.0.36-29.ep7.el7 |
redhat/tomcat-native | <0:1.2.8-11.redhat_11.ep7.el7 | 0:1.2.8-11.redhat_11.ep7.el7 |
redhat/tomcat-vault | <0:1.1.6-1.Final_redhat_1.1.ep7.el7 | 0:1.1.6-1.Final_redhat_1.1.ep7.el7 |
redhat/tomcat | <7.0.81 | 7.0.81 |
maven/org.apache.tomcat.embed:tomcat-embed-core | >=7.0.0<7.0.79 | 7.0.79 |
Tomcat | ||
All of | ||
Tomcat | >=7.0.0<=7.0.79 | |
Microsoft Windows Operating System | ||
NetApp 7-Mode Transition Tool | ||
NetApp OnCommand Balance | ||
NetApp OnCommand Shift | ||
Red Hat Enterprise Linux Server Update Services for SAP Solutions | =7.4 | |
Red Hat Enterprise Linux Server Update Services for SAP Solutions | =7.6 | |
Red Hat Enterprise Linux Server Update Services for SAP Solutions | =7.7 | |
Red Hat JBoss Enterprise Web Server | =2.0.0 | |
Red Hat JBoss Enterprise Web Server | =3.0.0 | |
Red Hat JBoss Enterprise Web Server | ||
Red Hat Enterprise Linux Desktop | =6.0 | |
Red Hat Enterprise Linux Desktop | =7.0 | |
Red Hat Enterprise Linux Server EUS | =7.4 | |
Red Hat Enterprise Linux Server EUS | =7.5 | |
Red Hat Enterprise Linux Server EUS | =7.6 | |
Red Hat Enterprise Linux Server EUS | =7.7 | |
Red Hat Enterprise Linux | =7.4 | |
Red Hat Enterprise Linux | =7.5 | |
Red Hat Enterprise Linux | =7.6 | |
Red Hat Enterprise Linux | =7.7 | |
Red Hat Enterprise Linux for IBM Z Systems | =7.0_s390x | |
Red Hat Enterprise Linux for IBM Z Systems (s390x) | =7.4_s390x | |
Red Hat Enterprise Linux for IBM Z Systems (s390x) | =7.5_s390x | |
Red Hat Enterprise Linux for IBM Z Systems (s390x) | =7.6_s390x | |
Red Hat Enterprise Linux for IBM Z Systems (s390x) | =7.7_s390x | |
Red Hat Enterprise Linux for Power, big endian | =7.0_ppc64 | |
Red Hat Enterprise Linux for Power, Big Endian EUS | =7.4_ppc64 | |
Red Hat Enterprise Linux for Power, Big Endian EUS | =7.5_ppc64 | |
Red Hat Enterprise Linux for Power, Big Endian EUS | =7.6_ppc64 | |
Red Hat Enterprise Linux for Power, Big Endian EUS | =7.7_ppc64 | |
Red Hat Enterprise Linux for Power, little endian | =7.0_ppc64le | |
Red Hat Enterprise Linux for Power, little endian - Extended Update Support | =7.4_ppc64le | |
Red Hat Enterprise Linux for Power, little endian - Extended Update Support | =7.5_ppc64le | |
Red Hat Enterprise Linux for Power, little endian - Extended Update Support | =7.6_ppc64le | |
Red Hat Enterprise Linux for Power, little endian - Extended Update Support | =7.7_ppc64le | |
Red Hat Enterprise Linux for Scientific Computing | =7.0 | |
Red Hat Enterprise Linux Server | =6.0 | |
Red Hat Enterprise Linux Server | =7.0 | |
Red Hat Enterprise Linux Server | =7.4 | |
Red Hat Enterprise Linux Server | =7.6 | |
Red Hat Enterprise Linux Server | =7.7 | |
Red Hat Enterprise Linux for SAP Applications for Power, little endian - Extended Update Support | =7.4_ppc64le | |
Red Hat Enterprise Linux for SAP Applications for Power, little endian - Extended Update Support | =7.6_ppc64le | |
Red Hat Enterprise Linux for SAP Applications for Power, little endian - Extended Update Support | =7.7_ppc64le | |
Red Hat Enterprise Linux for SAP Applications for Power, little endian - Extended Update Support | =9.2_ppc64le | |
Red Hat Enterprise Linux Server | =7.4 | |
Red Hat Enterprise Linux Server | =7.6 | |
Red Hat Enterprise Linux Server | =7.7 | |
Red Hat Enterprise Linux Workstation | =6.0 | |
Red Hat Enterprise Linux Workstation | =7.0 | |
Tomcat | =7.0 | |
Tomcat | =7.0.0 | |
Tomcat | =7.0.0-beta | |
Tomcat | =7.0.1 | |
Tomcat | =7.0.2 | |
Tomcat | =7.0.2-beta | |
Tomcat | =7.0.3 | |
Tomcat | =7.0.4 | |
Tomcat | =7.0.4-beta | |
Tomcat | =7.0.5 | |
Tomcat | =7.0.5-beta | |
Tomcat | =7.0.6 | |
Tomcat | =7.0.7 | |
Tomcat | =7.0.8 | |
Tomcat | =7.0.9 | |
Tomcat | =7.0.10 | |
Tomcat | =7.0.11 | |
Tomcat | =7.0.12 | |
Tomcat | =7.0.13 | |
Tomcat | =7.0.14 | |
Tomcat | =7.0.15 | |
Tomcat | =7.0.16 | |
Tomcat | =7.0.17 | |
Tomcat | =7.0.18 | |
Tomcat | =7.0.19 | |
Tomcat | =7.0.20 | |
Tomcat | =7.0.21 | |
Tomcat | =7.0.22 | |
Tomcat | =7.0.23 | |
Tomcat | =7.0.24 | |
Tomcat | =7.0.25 | |
Tomcat | =7.0.26 | |
Tomcat | =7.0.27 | |
Tomcat | =7.0.28 | |
Tomcat | =7.0.29 | |
Tomcat | =7.0.30 | |
Tomcat | =7.0.31 | |
Tomcat | =7.0.32 | |
Tomcat | =7.0.33 | |
Tomcat | =7.0.34 | |
Tomcat | =7.0.35 | |
Tomcat | =7.0.36 | |
Tomcat | =7.0.37 | |
Tomcat | =7.0.38 | |
Tomcat | =7.0.39 | |
Tomcat | =7.0.40 | |
Tomcat | =7.0.41 | |
Tomcat | =7.0.42 | |
Tomcat | =7.0.43 | |
Tomcat | =7.0.44 | |
Tomcat | =7.0.45 | |
Tomcat | =7.0.46 | |
Tomcat | =7.0.47 | |
Tomcat | =7.0.48 | |
Tomcat | =7.0.49 | |
Tomcat | =7.0.50 | |
Tomcat | =7.0.51 | |
Tomcat | =7.0.54 | |
Tomcat | =7.0.55 | |
Tomcat | =7.0.56 | |
Tomcat | =7.0.57 | |
Tomcat | =7.0.58 | |
Tomcat | =7.0.59 | |
Tomcat | =7.0.60 | |
Tomcat | =7.0.61 | |
Tomcat | =7.0.62 | |
Tomcat | =7.0.63 | |
Tomcat | =7.0.64 | |
Tomcat | =7.0.65 | |
Tomcat | =7.0.66 | |
Tomcat | =7.0.67 | |
Tomcat | =7.0.68 | |
Tomcat | =7.0.69 | |
Tomcat | =7.0.70 | |
Tomcat | =7.0.71 | |
Tomcat | =7.0.72 | |
Tomcat | =7.0.73 | |
Tomcat | =7.0.74 | |
Tomcat | =7.0.75 | |
Tomcat | =7.0.76 | |
Tomcat | =7.0.77 | |
Tomcat | =7.0.79 | |
Microsoft Windows Operating System |
Ensure that readonly is set to true (the default) for the DefaultServlet, WebDAV servlet or application context. Block HTTP methods that permit resource modification for untrusted users.
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Appears in the following advisories)
CVE-2017-12615 has been assigned a medium severity rating due to the potential for unauthorized code execution through malicious file uploads.
To fix CVE-2017-12615, upgrade Apache Tomcat to version 7.0.81 or later.
Versions of Apache Tomcat from 7.0.0 to 7.0.79 are affected by CVE-2017-12615.
CVE-2017-12615 specifically affects Apache Tomcat running on Windows systems.
Yes, CVE-2017-12615 can be exploited remotely if the server allows HTTP PUT requests to a servlet context configured with readonly=false.