Remote code execution in Apache Tomcat - CVE-2017-12615
Published: September 21, 2017 / Updated: February 22, 2023
Vulnerability identifier: #VU8541
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Amber
CVE-ID: CVE-2017-12615
CWE-ID: CWE-20
Exploitation vector: Remote access
Exploit availability:
The vulnerability is being exploited in the wild
Vendor: Apache Foundation
Affected software:
Apache Tomcat
Apache Tomcat
Detailed vulnerability description
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists in Apache Tomcat when running on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default to false) due to input validation flaw. A remote attacker can send a specially crafted HTTP PUT request to upload an arbitrary JSP file to the target system and request the file to execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may result in system compromise.
The weakness exists in Apache Tomcat when running on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default to false) due to input validation flaw. A remote attacker can send a specially crafted HTTP PUT request to upload an arbitrary JSP file to the target system and request the file to execute arbitrary code with privileges of the current user.
Successful exploitation of the vulnerability may result in system compromise.
How to mitigate CVE-2017-12615
Update to version 7.0.81.