Apache Tomcat Remote Code Execution Vulnerability

Description

When running Apache Tomcat, it is possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.

Required Action

Apply updates per vendor instructions.

References

• https://nvd.nist.gov/vuln/detail/CVE-2017-12617

Additional Information

Catalog Version

2025.01.24

Catalog Released

Jan. 24, 2025

Days Until Due

0 days

Last Updated

4 months, 1 week ago