CVE-2017-12617
CVSS Score
V3.1EPSS Score
v2023.03.01There is a 97.3% chance that this vulnerability will be exploited in the wild within the next 30 days.
Attack Vector Metrics
Impact Metrics
Description
When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.
Available Exploits
Apache Tomcat - Remote Code Execution
When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.
References:
- https://versa-networks.com/blog/apache-tomcat-remote-code-execution-vulnerability-cve-2017-12617/
- https://github.com/cyberheartmi9/CVE-2017-12617
- https://www.exploit-db.com/exploits/43008
- https://nvd.nist.gov/vuln/detail/CVE-2017-12617
- http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
Related News
Affected Products
Known Exploited Vulnerability
This vulnerability is actively being exploited in the wild
Remediation Status
Due Date
Added to KEV
Required Action
Apply updates per vendor instructions.