CVE-2017-12617 Scanner
Detects 'Remote Code Execution (RCE)' vulnerability in Apache Tomcat affects v. 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81.
Short Info
Level
High
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 sec
Time Interval
672 sec
Scan only one
Domain, Ipv4
Toolbox
-
Apache Tomcat is a widely used open-source web server and servlet container software. It provides a Java Platform Enterprise Edition (Java EE) environment for running Java code on web servers. Apache Tomcat is used for deploying, running and managing Java web applications on servers. Tomcat is also used to support various web technologies such as JSP, JDBC and JNDI. It is a trusted and popular choice for web developers and IT professionals.
CVE-2017-12617 is a vulnerability that was detected in Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81. This vulnerability can be exploited by attackers to upload a JSP file to the server through HTTP PUT requests. This payload can then execute any malicious code that hackers inject into it. The vulnerability is caused by a misconfiguration of the Default servlet that does not restrict the certain files or directories in place.
Exploiting CVE-2017-12617 can lead to serious consequences. Attackers have the ability to execute arbitrary code on the server which can compromise the entire infrastructure. With this vulnerability, attackers can gain access to sensitive information like user data, customer details, financial information, and other confidential data stored on the server. They can then modify, delete, or steal confidential data. Attackers can also launch bigger attacks by exploiting the server to target other systems or organizations.
In conclusion, security should be taken seriously when it comes to using Apache Tomcat. Thanks to the pro features offered by s4e.io, one can easily and quickly learn about vulnerabilities in their digital assets. The platform provides users with recommended mitigations and patches to help secure their infrastructure. With s4e.io, users can minimize the risk of attacks, protect against vulnerabilities, and stay ahead of emerging threat trends.
REFERENCES
- access.redhat.com: RHSA-2017:3113
- http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
- http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
- access.redhat.com: RHSA-2017:3080
- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03828en_us
- access.redhat.com: RHSA-2018:0269
- exploit-db.com: 42966
- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03812en_us
- access.redhat.com: RHSA-2018:0270
- access.redhat.com: RHSA-2018:0271
- lists.debian.org: [debian-lts-announce] 20171107 [SECURITY] [DLA 1166-1] tomcat7 security update
- access.redhat.com: RHSA-2018:2939
- access.redhat.com: RHSA-2018:0465
- usn.ubuntu.com: USN-3665-1
- http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
- access.redhat.com: RHSA-2018:0268
- access.redhat.com: RHSA-2017:3114
- exploit-db.com: 43008
- securitytracker.com: 1039552
- securityfocus.com: 100954
- access.redhat.com: RHSA-2018:0275
- access.redhat.com: RHSA-2018:0466
- lists.apache.org: [announce] 20171003 [SECURITY] CVE-2017-12617 Apache Tomcat Remote Code Execution via JSP upload
- https://security.netapp.com/advisory/ntap-20171018-0002/
- https://security.netapp.com/advisory/ntap-20180117-0002/
- access.redhat.com: RHSA-2017:3081
- lists.apache.org: [tomcat-dev] 20190319 svn commit: r1855831 [24/30] - in /tomcat/site/trunk: ./ docs/ xdocs/
- lists.apache.org: [tomcat-dev] 20190319 svn commit: r1855831 [25/30] - in /tomcat/site/trunk: ./ docs/ xdocs/
- lists.apache.org: [tomcat-dev] 20190325 svn commit: r1856174 [22/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/
- lists.apache.org: [tomcat-dev] 20190325 svn commit: r1856174 [23/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/
- lists.apache.org: [tomcat-dev] 20190325 svn commit: r1856174 [24/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/
- https://support.f5.com/csp/article/K53173544
- lists.apache.org: [tomcat-dev] 20190413 svn commit: r1857494 [17/20] - in /tomcat/site/trunk: ./ docs/ xdocs/
- lists.apache.org: [tomcat-dev] 20190413 svn commit: r1857496 [3/4] - in /tomcat/site/trunk: ./ docs/ xdocs/
- lists.apache.org: [tomcat-dev] 20190413 svn commit: r1857494 [16/20] - in /tomcat/site/trunk: ./ docs/ xdocs/
- lists.apache.org: [tomcat-dev] 20190415 svn commit: r1857582 [18/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/
- lists.apache.org: [tomcat-dev] 20190415 svn commit: r1857582 [17/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/
- lists.apache.org: [tomcat-dev] 20190415 svn commit: r1857582 [19/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/
- https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
- lists.apache.org: [tomcat-dev] 20200203 svn commit: r1873527 [24/30] - /tomcat/site/trunk/docs/
- lists.apache.org: [tomcat-dev] 20200203 svn commit: r1873527 [25/30] - /tomcat/site/trunk/docs/
- lists.apache.org: [tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/
- lists.apache.org: [tomcat-dev] 20200213 svn commit: r1873980 [28/34] - /tomcat/site/trunk/docs/
- lists.apache.org: [tomcat-dev] 20200213 svn commit: r1873980 [29/34] - /tomcat/site/trunk/docs/