CVE-2017-12617

When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.

Published : 2017-10-04 01:29 Updated : 2019-04-15 16:30

6.8
CVSS Score More info
Score 6.8 / 10
6.8
Vendor Product Version URI
Apache Tomcat 7.0.0 cpe:/a:apache:tomcat:7.0.0
Apache Tomcat 7.0.1 cpe:/a:apache:tomcat:7.0.1
Apache Tomcat 7.0.2 cpe:/a:apache:tomcat:7.0.2
Apache Tomcat 7.0.2 cpe:/a:apache:tomcat:7.0.2:beta
Apache Tomcat 7.0.3 cpe:/a:apache:tomcat:7.0.3
Apache Tomcat 7.0.4 cpe:/a:apache:tomcat:7.0.4
Apache Tomcat 7.0.4 cpe:/a:apache:tomcat:7.0.4:beta
Apache Tomcat 7.0.5 cpe:/a:apache:tomcat:7.0.5
Apache Tomcat 7.0.5 cpe:/a:apache:tomcat:7.0.5:beta
Apache Tomcat 7.0.6 cpe:/a:apache:tomcat:7.0.6
Apache Tomcat 7.0.7 cpe:/a:apache:tomcat:7.0.7
Apache Tomcat 7.0.8 cpe:/a:apache:tomcat:7.0.8
Apache Tomcat 7.0.9 cpe:/a:apache:tomcat:7.0.9
Apache Tomcat 7.0.10 cpe:/a:apache:tomcat:7.0.10
Apache Tomcat 7.0.11 cpe:/a:apache:tomcat:7.0.11
Apache Tomcat 7.0.12 cpe:/a:apache:tomcat:7.0.12
Apache Tomcat 7.0.13 cpe:/a:apache:tomcat:7.0.13
Apache Tomcat 7.0.14 cpe:/a:apache:tomcat:7.0.14
Apache Tomcat 7.0.15 cpe:/a:apache:tomcat:7.0.15
Apache Tomcat 7.0.16 cpe:/a:apache:tomcat:7.0.16
Apache Tomcat 7.0.17 cpe:/a:apache:tomcat:7.0.17
Apache Tomcat 7.0.18 cpe:/a:apache:tomcat:7.0.18
Apache Tomcat 7.0.19 cpe:/a:apache:tomcat:7.0.19
Apache Tomcat 7.0.20 cpe:/a:apache:tomcat:7.0.20
Apache Tomcat 7.0.21 cpe:/a:apache:tomcat:7.0.21
Apache Tomcat 7.0.22 cpe:/a:apache:tomcat:7.0.22
Apache Tomcat 7.0.23 cpe:/a:apache:tomcat:7.0.23
Apache Tomcat 7.0.24 cpe:/a:apache:tomcat:7.0.24
Apache Tomcat 7.0.25 cpe:/a:apache:tomcat:7.0.25
Apache Tomcat 7.0.26 cpe:/a:apache:tomcat:7.0.26
Apache Tomcat 7.0.27 cpe:/a:apache:tomcat:7.0.27
Apache Tomcat 7.0.28 cpe:/a:apache:tomcat:7.0.28
Apache Tomcat 7.0.29 cpe:/a:apache:tomcat:7.0.29
Apache Tomcat 7.0.30 cpe:/a:apache:tomcat:7.0.30
Apache Tomcat 7.0.31 cpe:/a:apache:tomcat:7.0.31
Apache Tomcat 7.0.32 cpe:/a:apache:tomcat:7.0.32
Apache Tomcat 7.0.33 cpe:/a:apache:tomcat:7.0.33
Apache Tomcat 7.0.34 cpe:/a:apache:tomcat:7.0.34
Apache Tomcat 7.0.35 cpe:/a:apache:tomcat:7.0.35
Apache Tomcat 7.0.36 cpe:/a:apache:tomcat:7.0.36
Apache Tomcat 7.0.37 cpe:/a:apache:tomcat:7.0.37
Apache Tomcat 7.0.38 cpe:/a:apache:tomcat:7.0.38
Apache Tomcat 7.0.39 cpe:/a:apache:tomcat:7.0.39
Apache Tomcat 7.0.40 cpe:/a:apache:tomcat:7.0.40
Apache Tomcat 7.0.41 cpe:/a:apache:tomcat:7.0.41
Apache Tomcat 7.0.42 cpe:/a:apache:tomcat:7.0.42
Apache Tomcat 7.0.43 cpe:/a:apache:tomcat:7.0.43
Apache Tomcat 7.0.44 cpe:/a:apache:tomcat:7.0.44
Apache Tomcat 7.0.45 cpe:/a:apache:tomcat:7.0.45
Apache Tomcat 7.0.46 cpe:/a:apache:tomcat:7.0.46
Apache Tomcat 7.0.47 cpe:/a:apache:tomcat:7.0.47
Apache Tomcat 7.0.48 cpe:/a:apache:tomcat:7.0.48
Apache Tomcat 7.0.49 cpe:/a:apache:tomcat:7.0.49
Apache Tomcat 7.0.50 cpe:/a:apache:tomcat:7.0.50
Apache Tomcat 7.0.51 cpe:/a:apache:tomcat:7.0.51
Apache Tomcat 7.0.54 cpe:/a:apache:tomcat:7.0.54
Apache Tomcat 7.0.55 cpe:/a:apache:tomcat:7.0.55
Apache Tomcat 7.0.56 cpe:/a:apache:tomcat:7.0.56
Apache Tomcat 7.0.57 cpe:/a:apache:tomcat:7.0.57
Apache Tomcat 7.0.58 cpe:/a:apache:tomcat:7.0.58
Apache Tomcat 7.0.59 cpe:/a:apache:tomcat:7.0.59
Apache Tomcat 7.0.60 cpe:/a:apache:tomcat:7.0.60
Apache Tomcat 7.0.61 cpe:/a:apache:tomcat:7.0.61
Apache Tomcat 7.0.62 cpe:/a:apache:tomcat:7.0.62
Apache Tomcat 7.0.63 cpe:/a:apache:tomcat:7.0.63
Apache Tomcat 7.0.64 cpe:/a:apache:tomcat:7.0.64
Apache Tomcat 7.0.65 cpe:/a:apache:tomcat:7.0.65
Apache Tomcat 7.0.66 cpe:/a:apache:tomcat:7.0.66
Apache Tomcat 7.0.67 cpe:/a:apache:tomcat:7.0.67
Apache Tomcat 7.0.68 cpe:/a:apache:tomcat:7.0.68
Apache Tomcat 7.0.69 cpe:/a:apache:tomcat:7.0.69
Apache Tomcat 7.0.70 cpe:/a:apache:tomcat:7.0.70
Apache Tomcat 7.0.71 cpe:/a:apache:tomcat:7.0.71
Apache Tomcat 7.0.72 cpe:/a:apache:tomcat:7.0.72
Apache Tomcat 7.0.73 cpe:/a:apache:tomcat:7.0.73
Apache Tomcat 7.0.74 cpe:/a:apache:tomcat:7.0.74
Apache Tomcat 7.0.75 cpe:/a:apache:tomcat:7.0.75
Apache Tomcat 7.0.76 cpe:/a:apache:tomcat:7.0.76
Apache Tomcat 7.0.77 cpe:/a:apache:tomcat:7.0.77
Apache Tomcat 7.0.79 cpe:/a:apache:tomcat:7.0.79
Apache Tomcat 7.0.80 cpe:/a:apache:tomcat:7.0.80
Apache Tomcat 7.0.81 cpe:/a:apache:tomcat:7.0.81
Apache Tomcat 8.0.0 cpe:/a:apache:tomcat:8.0.0:rc1
Apache Tomcat 8.0.0 cpe:/a:apache:tomcat:8.0.0:rc10
Apache Tomcat 8.0.0 cpe:/a:apache:tomcat:8.0.0:rc2
Apache Tomcat 8.0.0 cpe:/a:apache:tomcat:8.0.0:rc5
Apache Tomcat 8.0.1 cpe:/a:apache:tomcat:8.0.1
Apache Tomcat 8.0.2 cpe:/a:apache:tomcat:8.0.2
Apache Tomcat 8.0.4 cpe:/a:apache:tomcat:8.0.4
Apache Tomcat 8.0.6 cpe:/a:apache:tomcat:8.0.6
Apache Tomcat 8.0.7 cpe:/a:apache:tomcat:8.0.7
Apache Tomcat 8.0.9 cpe:/a:apache:tomcat:8.0.9
Apache Tomcat 8.0.10 cpe:/a:apache:tomcat:8.0.10
Apache Tomcat 8.0.11 cpe:/a:apache:tomcat:8.0.11
Apache Tomcat 8.0.12 cpe:/a:apache:tomcat:8.0.12
Apache Tomcat 8.0.13 cpe:/a:apache:tomcat:8.0.13
Apache Tomcat 8.0.14 cpe:/a:apache:tomcat:8.0.14
Apache Tomcat 8.0.15 cpe:/a:apache:tomcat:8.0.15
Apache Tomcat 8.0.16 cpe:/a:apache:tomcat:8.0.16
Apache Tomcat 8.0.17 cpe:/a:apache:tomcat:8.0.17
Apache Tomcat 8.0.18 cpe:/a:apache:tomcat:8.0.18
Apache Tomcat 8.0.19 cpe:/a:apache:tomcat:8.0.19
Apache Tomcat 8.0.20 cpe:/a:apache:tomcat:8.0.20
Apache Tomcat 8.0.21 cpe:/a:apache:tomcat:8.0.21
Apache Tomcat 8.0.22 cpe:/a:apache:tomcat:8.0.22
Apache Tomcat 8.0.23 cpe:/a:apache:tomcat:8.0.23
Apache Tomcat 8.0.24 cpe:/a:apache:tomcat:8.0.24
Apache Tomcat 8.0.25 cpe:/a:apache:tomcat:8.0.25
Apache Tomcat 8.0.26 cpe:/a:apache:tomcat:8.0.26
Apache Tomcat 8.0.27 cpe:/a:apache:tomcat:8.0.27
Apache Tomcat 8.0.28 cpe:/a:apache:tomcat:8.0.28
Apache Tomcat 8.0.29 cpe:/a:apache:tomcat:8.0.29
Apache Tomcat 8.0.30 cpe:/a:apache:tomcat:8.0.30
Apache Tomcat 8.0.31 cpe:/a:apache:tomcat:8.0.31
Apache Tomcat 8.0.32 cpe:/a:apache:tomcat:8.0.32
Apache Tomcat 8.0.33 cpe:/a:apache:tomcat:8.0.33
Apache Tomcat 8.0.34 cpe:/a:apache:tomcat:8.0.34
Apache Tomcat 8.0.35 cpe:/a:apache:tomcat:8.0.35
Apache Tomcat 8.0.36 cpe:/a:apache:tomcat:8.0.36
Apache Tomcat 8.0.37 cpe:/a:apache:tomcat:8.0.37
Apache Tomcat 8.0.38 cpe:/a:apache:tomcat:8.0.38
Apache Tomcat 8.0.39 cpe:/a:apache:tomcat:8.0.39
Apache Tomcat 8.0.40 cpe:/a:apache:tomcat:8.0.40
Apache Tomcat 8.0.41 cpe:/a:apache:tomcat:8.0.41
Apache Tomcat 8.0.42 cpe:/a:apache:tomcat:8.0.42
Apache Tomcat 8.0.43 cpe:/a:apache:tomcat:8.0.43
Apache Tomcat 8.0.44 cpe:/a:apache:tomcat:8.0.44
Apache Tomcat 8.0.45 cpe:/a:apache:tomcat:8.0.45
Apache Tomcat 8.0.46 cpe:/a:apache:tomcat:8.0.46
Apache Tomcat 8.5.0 cpe:/a:apache:tomcat:8.5.0
Apache Tomcat 8.5.1 cpe:/a:apache:tomcat:8.5.1
Apache Tomcat 8.5.2 cpe:/a:apache:tomcat:8.5.2
Apache Tomcat 8.5.3 cpe:/a:apache:tomcat:8.5.3
Apache Tomcat 8.5.4 cpe:/a:apache:tomcat:8.5.4
Apache Tomcat 8.5.5 cpe:/a:apache:tomcat:8.5.5
Apache Tomcat 8.5.6 cpe:/a:apache:tomcat:8.5.6
Apache Tomcat 8.5.7 cpe:/a:apache:tomcat:8.5.7
Apache Tomcat 8.5.8 cpe:/a:apache:tomcat:8.5.8
Apache Tomcat 8.5.9 cpe:/a:apache:tomcat:8.5.9
Apache Tomcat 8.5.10 cpe:/a:apache:tomcat:8.5.10
Apache Tomcat 8.5.11 cpe:/a:apache:tomcat:8.5.11
Apache Tomcat 8.5.12 cpe:/a:apache:tomcat:8.5.12
Apache Tomcat 8.5.13 cpe:/a:apache:tomcat:8.5.13
Apache Tomcat 8.5.14 cpe:/a:apache:tomcat:8.5.14
Apache Tomcat 8.5.15 cpe:/a:apache:tomcat:8.5.15
Apache Tomcat 8.5.16 cpe:/a:apache:tomcat:8.5.16
Apache Tomcat 8.5.17 cpe:/a:apache:tomcat:8.5.17
Apache Tomcat 8.5.18 cpe:/a:apache:tomcat:8.5.18
Apache Tomcat 8.5.19 cpe:/a:apache:tomcat:8.5.19
Apache Tomcat 8.5.20 cpe:/a:apache:tomcat:8.5.20
Apache Tomcat 8.5.21 cpe:/a:apache:tomcat:8.5.21
Apache Tomcat 8.5.22 cpe:/a:apache:tomcat:8.5.22
Apache Tomcat 9.0.0 cpe:/a:apache:tomcat:9.0.0
Apache Tomcat 9.0.0 cpe:/a:apache:tomcat:9.0.0:m1
Apache Tomcat 9.0.0 cpe:/a:apache:tomcat:9.0.0:m10
Apache Tomcat 9.0.0 cpe:/a:apache:tomcat:9.0.0:m11
Apache Tomcat 9.0.0 cpe:/a:apache:tomcat:9.0.0:m12
Apache Tomcat 9.0.0 cpe:/a:apache:tomcat:9.0.0:m13
Apache Tomcat 9.0.0 cpe:/a:apache:tomcat:9.0.0:m14
Apache Tomcat 9.0.0 cpe:/a:apache:tomcat:9.0.0:m15
Apache Tomcat 9.0.0 cpe:/a:apache:tomcat:9.0.0:m16
Apache Tomcat 9.0.0 cpe:/a:apache:tomcat:9.0.0:m17
Apache Tomcat 9.0.0 cpe:/a:apache:tomcat:9.0.0:m18
Apache Tomcat 9.0.0 cpe:/a:apache:tomcat:9.0.0:m19
Apache Tomcat 9.0.0 cpe:/a:apache:tomcat:9.0.0:m2
Apache Tomcat 9.0.0 cpe:/a:apache:tomcat:9.0.0:m20
Apache Tomcat 9.0.0 cpe:/a:apache:tomcat:9.0.0:m21
Apache Tomcat 9.0.0 cpe:/a:apache:tomcat:9.0.0:m22
Apache Tomcat 9.0.0 cpe:/a:apache:tomcat:9.0.0:m3
Apache Tomcat 9.0.0 cpe:/a:apache:tomcat:9.0.0:m4
Apache Tomcat 9.0.0 cpe:/a:apache:tomcat:9.0.0:m5
Apache Tomcat 9.0.0 cpe:/a:apache:tomcat:9.0.0:m6
Apache Tomcat 9.0.0 cpe:/a:apache:tomcat:9.0.0:m7
Apache Tomcat 9.0.0 cpe:/a:apache:tomcat:9.0.0:m8
Apache Tomcat 9.0.0 cpe:/a:apache:tomcat:9.0.0:m9
  1. Apache (1) Search CVE
    1. Tomcat (147) Search CVE
      1. 7.0.0
      2. 7.0.1
      3. 7.0.2
      4. 7.0.3
      5. 7.0.4
      6. 7.0.5
      7. 7.0.6
      8. 7.0.7
      9. 7.0.8
      10. 7.0.9
      11. 7.0.10
      12. 7.0.11
      13. 7.0.12
      14. 7.0.13
      15. 7.0.14
      16. 7.0.15
      17. 7.0.16
      18. 7.0.17
      19. 7.0.18
      20. 7.0.19
      21. 7.0.20
      22. 7.0.21
      23. 7.0.22
      24. 7.0.23
      25. 7.0.24
      26. 7.0.25
      27. 7.0.26
      28. 7.0.27
      29. 7.0.28
      30. 7.0.29
      31. 7.0.30
      32. 7.0.31
      33. 7.0.32
      34. 7.0.33
      35. 7.0.34
      36. 7.0.35
      37. 7.0.36
      38. 7.0.37
      39. 7.0.38
      40. 7.0.39
      41. 7.0.40
      42. 7.0.41
      43. 7.0.42
      44. 7.0.43
      45. 7.0.44
      46. 7.0.45
      47. 7.0.46
      48. 7.0.47
      49. 7.0.48
      50. 7.0.49
      51. 7.0.50
      52. 7.0.51
      53. 7.0.54
      54. 7.0.55
      55. 7.0.56
      56. 7.0.57
      57. 7.0.58
      58. 7.0.59
      59. 7.0.60
      60. 7.0.61
      61. 7.0.62
      62. 7.0.63
      63. 7.0.64
      64. 7.0.65
      65. 7.0.66
      66. 7.0.67
      67. 7.0.68
      68. 7.0.69
      69. 7.0.70
      70. 7.0.71
      71. 7.0.72
      72. 7.0.73
      73. 7.0.74
      74. 7.0.75
      75. 7.0.76
      76. 7.0.77
      77. 7.0.79
      78. 7.0.80
      79. 7.0.81
      80. 8.0.0
      81. 8.0.1
      82. 8.0.2
      83. 8.0.4
      84. 8.0.6
      85. 8.0.7
      86. 8.0.9
      87. 8.0.10
      88. 8.0.11
      89. 8.0.12
      90. 8.0.13
      91. 8.0.14
      92. 8.0.15
      93. 8.0.16
      94. 8.0.17
      95. 8.0.18
      96. 8.0.19
      97. 8.0.20
      98. 8.0.21
      99. 8.0.22
      100. 8.0.23
      101. 8.0.24
      102. 8.0.25
      103. 8.0.26
      104. 8.0.27
      105. 8.0.28
      106. 8.0.29
      107. 8.0.30
      108. 8.0.31
      109. 8.0.32
      110. 8.0.33
      111. 8.0.34
      112. 8.0.35
      113. 8.0.36
      114. 8.0.37
      115. 8.0.38
      116. 8.0.39
      117. 8.0.40
      118. 8.0.41
      119. 8.0.42
      120. 8.0.43
      121. 8.0.44
      122. 8.0.45
      123. 8.0.46
      124. 8.5.0
      125. 8.5.1
      126. 8.5.2
      127. 8.5.3
      128. 8.5.4
      129. 8.5.5
      130. 8.5.6
      131. 8.5.7
      132. 8.5.8
      133. 8.5.9
      134. 8.5.10
      135. 8.5.11
      136. 8.5.12
      137. 8.5.13
      138. 8.5.14
      139. 8.5.15
      140. 8.5.16
      141. 8.5.17
      142. 8.5.18
      143. 8.5.19
      144. 8.5.20
      145. 8.5.21
      146. 8.5.22
      147. 9.0.0

CWE

ID Name Description Links
CWE-434 Unrestricted Upload of File with Dangerous Type The software allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment. CVE

References

Source Link
MLIST https://lists.apache.org/thread.html/3fd341a604c4e9eab39e7eaabbbac39c30101a022acc11dd09d7ebcb@%3Cannounce.tomcat.apache.org%3E
BID http://www.securityfocus.com/bid/100954
EXPLOIT-DB https://www.exploit-db.com/exploits/42966/
SECTRACK http://www.securitytracker.com/id/1039552
EXPLOIT-DB https://www.exploit-db.com/exploits/43008/
CONFIRM https://security.netapp.com/advisory/ntap-20171018-0002/
REDHAT https://access.redhat.com/errata/RHSA-2017:3081
REDHAT https://access.redhat.com/errata/RHSA-2017:3080
REDHAT https://access.redhat.com/errata/RHSA-2017:3114
REDHAT https://access.redhat.com/errata/RHSA-2017:3113
CONFIRM http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
CONFIRM https://security.netapp.com/advisory/ntap-20180117-0002/
MLIST https://lists.debian.org/debian-lts-announce/2017/11/msg00009.html
REDHAT https://access.redhat.com/errata/RHSA-2018:0275
REDHAT https://access.redhat.com/errata/RHSA-2018:0270
REDHAT https://access.redhat.com/errata/RHSA-2018:0268
REDHAT https://access.redhat.com/errata/RHSA-2018:0271
REDHAT https://access.redhat.com/errata/RHSA-2018:0269
REDHAT https://access.redhat.com/errata/RHSA-2018:0465
REDHAT https://access.redhat.com/errata/RHSA-2018:0466
CONFIRM http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
CONFIRM https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03828en_us
CONFIRM https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03812en_us
UBUNTU https://usn.ubuntu.com/3665-1/
CONFIRM http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
REDHAT https://access.redhat.com/errata/RHSA-2018:2939
MLIST https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04@%3Cdev.tomcat.apache.org%3E
MLIST https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E
MLIST https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E
MLIST https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E
MLIST https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E
CONFIRM https://support.f5.com/csp/article/K53173544
MLIST https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E
MLIST https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E
MLIST https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E
MLIST https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E
MLIST https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661@%3Cdev.tomcat.apache.org%3E
MLIST https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E

History of changes

Date Event
2019-04-15 16:30
2019-03-25 21:29
2019-03-25 11:35
2019-03-21 15:59
2018-10-18 10:29
2018-07-19 01:29
2018-06-01 01:29
2018-05-10 01:29
2018-04-20 01:29
2018-03-09 02:29
2018-02-07 02:29
2018-02-04 02:29
2018-01-18 18:18
2017-12-02 02:29
2017-11-10 02:29
2017-10-23 12:53
2017-10-20 01:29
2017-10-19 01:30
2017-10-12 05:30
2017-10-05 05:30
2017-10-04 01:29

New CVE