CVE-2017-12617

When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.

Published: Oct 4, 2017
Updated: Nov 8, 2023
CVE: CVE-2017-12617
GHSA: GHSA-xjgh-84hx-56c5
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.1
AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: Medium
Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

CWEs:

CWE-434

Affected Software
References

Software	From	Fixed in
org.apache.tomcat / tomcat	9.0.0.M1	9.0.1
org.apache.tomcat / tomcat	8.5.0	8.5.23
org.apache.tomcat / tomcat	8.0.0	8.0.47
org.apache.tomcat / tomcat	7.0.0	7.0.82
apache / tomcat	7.0.0	7.0.82
apache / tomcat	8.0	8.0.47
apache / tomcat	8.5.0	8.5.23
apache / tomcat	9.0.0	9.0.1
canonical / ubuntu_linux	12.04	12.04.x
canonical / ubuntu_linux	17.10	17.10.x
canonical / ubuntu_linux	16.04	16.04.x
canonical / ubuntu_linux	18.04	18.04.x
oracle / transportation_management	6.3.2	6.3.2.x
oracle / transportation_management	6.3.4	6.3.4.x
oracle / retail_xstore_point_of_service	7.1.6	7.1.6.x
oracle / transportation_management	6.3.3	6.3.3.x
oracle / retail_xstore_point_of_service	7.0.6	7.0.6.x
oracle / webcenter_sites	11.1.1.8.0	11.1.1.8.0.x
oracle / retail_invoice_matching	13.0	13.0.x
oracle / transportation_management	6.3.1	6.3.1.x
oracle / retail_invoice_matching	12.0	12.0.x
oracle / transportation_management	6.3.6	6.3.6.x
oracle / transportation_management	6.3.5	6.3.5.x
oracle / retail_xstore_point_of_service	6.0.11	6.0.11.x
oracle / retail_xstore_point_of_service	15.0.1	15.0.1.x
oracle / transportation_management	6.3.7	6.3.7.x
oracle / hospitality_guest_access	4.2.0	4.2.0.x
oracle / hospitality_guest_access	4.2.1	4.2.1.x
oracle / retail_central_office	14.0.4	14.0.4.x
oracle / retail_central_office	14.1.3	14.1.3.x
oracle / retail_returns_management	2.3.8	2.3.8.x
oracle / retail_returns_management	2.4.9	2.4.9.x
oracle / retail_returns_management	14.0.4	14.0.4.x
oracle / retail_returns_management	14.1.3	14.1.3.x
oracle / retail_point-of-service	14.0.4	14.0.4.x
oracle / retail_point-of-service	14.1.3	14.1.3.x
oracle / retail_back_office	14.0.4	14.0.4.x
oracle / retail_back_office	14.1.3	14.1.3.x
oracle / endeca_information_discovery_integrator	3.2.0	3.2.0.x
oracle / endeca_information_discovery_integrator	3.1.0	3.1.0.x
oracle / retail_order_broker	5.1	5.1.x
oracle / retail_order_broker	5.2	5.2.x
oracle / retail_order_broker	15.0	15.0.x
oracle / retail_order_broker	16.0	16.0.x
oracle / retail_invoice_matching	15.0	15.0.x
oracle / instantis_enterprisetrack	17.1	17.1.x
oracle / instantis_enterprisetrack	17.2	17.2.x
oracle / agile_plm	9.3.3	9.3.3.x
oracle / agile_plm	9.3.4	9.3.4.x
oracle / agile_plm	9.3.5	9.3.5.x
oracle / agile_plm	9.3.6	9.3.6.x
oracle / micros_lucas	2.9.5	2.9.5.x
oracle / communications_instant_messaging_server	10.0.1	10.0.1.x
oracle / retail_invoice_matching	13.1	13.1.x
oracle / retail_invoice_matching	13.2	13.2.x
oracle / retail_invoice_matching	14.0	14.0.x
oracle / retail_invoice_matching	14.1	14.1.x
oracle / workload_manager	12.2.0.1	12.2.0.1.x
oracle / retail_advanced_inventory_planning	14.1	14.1.x
oracle / retail_price_management	15.0	15.0.x
oracle / retail_price_management	16.0	16.0.x
oracle / retail_price_management	14.0	14.0.x
oracle / retail_store_inventory_management	14.0.4	14.0.4.x
oracle / retail_store_inventory_management	14.1.3	14.1.3.x
oracle / retail_advanced_inventory_planning	15.0	15.0.x
oracle / fmw_platform	12.2.1.3.0	12.2.1.3.0.x
oracle / retail_price_management	13.2	13.2.x
oracle / retail_price_management	14.1	14.1.x
oracle / retail_invoice_matching	16.0	16.0.x
oracle / retail_convenience_and_fuel_pos_software	2.1.132	2.1.132.x
oracle / micros_retail_xbri_loss_prevention	10.5.0	10.5.0.x
oracle / micros_retail_xbri_loss_prevention	10.6.0	10.6.0.x
oracle / micros_retail_xbri_loss_prevention	10.8.0	10.8.0.x
oracle / micros_retail_xbri_loss_prevention	10.8.1	10.8.1.x
oracle / micros_retail_xbri_loss_prevention	10.0.1	10.0.1.x
oracle / micros_retail_xbri_loss_prevention	10.7.0	10.7.0.x
oracle / mysql_enterprise_monitor	4.0.0	4.0.0.5135.x
oracle / mysql_enterprise_monitor	3.4.0	3.4.4.4226.x
oracle / mysql_enterprise_monitor	-	3.3.6.3293.x
oracle / health_sciences_empirica_inspections	1.0.1.1	1.0.1.1.x
oracle / tuxedo_system_and_applications_monitor	12.1.3.0.0	12.1.3.0.0.x
oracle / retail_store_inventory_management	12.0.12	12.0.12.x
oracle / retail_store_inventory_management	13.0.7	13.0.7.x
oracle / retail_store_inventory_management	13.1.9	13.1.9.x
oracle / retail_store_inventory_management	13.2.9	13.2.9.x
oracle / retail_store_inventory_management	15.0.2	15.0.2.x
oracle / retail_store_inventory_management	16.0.1	16.0.1.x
oracle / retail_price_management	12.0	12.0.x
oracle / retail_price_management	13.0	13.0.x
oracle / retail_price_management	13.1	13.1.x
oracle / retail_order_management_system	4.0	4.0.x
oracle / retail_order_management_system	4.5	4.5.x
oracle / retail_order_management_system	4.7	4.7.x
oracle / retail_order_management_system	5.0	5.0.x
oracle / retail_order_broker	5.0	5.0.x
oracle / retail_insights	14.1	14.1.x
oracle / retail_insights	15.0	15.0.x
oracle / retail_insights	16.0	16.0.x
oracle / retail_insights	14.0	14.0.x
oracle / retail_eftlink	1.1.124	1.1.124.x
oracle / retail_eftlink	15.0.1	15.0.1.x
oracle / retail_eftlink	16.0.2	16.0.2.x
oracle / retail_advanced_inventory_planning	13.4	13.4.x
oracle / retail_advanced_inventory_planning	13.2	13.2.x
oracle / management_pack	11.2.1.0.13	11.2.1.0.13.x
oracle / financial_services_analytical_applications_infrastructure	8.0.0.0.0	8.0.9.0.0.x
oracle / financial_services_analytical_applications_infrastructure	7.3.3.0.0	7.3.5.3.0.x
oracle / enterprise_manager_for_mysql_database	12.1.0.4.0	12.1.0.4.0.x
oracle / fmw_platform	12.2.1.2.0	12.2.1.2.0.x
debian / debian_linux	7.0	7.0.x
netapp / active_iq_unified_manager	7.3	7.3.x
netapp / active_iq_unified_manager	9.5	9.5.x
redhat / enterprise_linux_desktop	7.0	7.0.x
redhat / enterprise_linux_workstation	7.0	7.0.x
redhat / enterprise_linux_server	7.0	7.0.x
redhat / jboss_enterprise_application_platform	6.0.0	6.0.0.x
redhat / enterprise_linux_for_power_little_endian	7.0	7.0.x
redhat / enterprise_linux_desktop	6.0	6.0.x
redhat / jboss_enterprise_web_server	2.0.0	2.0.0.x
redhat / enterprise_linux_server	6.0	6.0.x
redhat / enterprise_linux_workstation	6.0	6.0.x
redhat / enterprise_linux_server_aus	7.4	7.4.x
redhat / jboss_enterprise_web_server	3.0.0	3.0.0.x
redhat / jboss_enterprise_application_platform	6.4.0	6.4.0.x
redhat / enterprise_linux_server_tus	7.4	7.4.x
redhat / enterprise_linux_eus	7.4	7.4.x
redhat / enterprise_linux_eus	7.5	7.5.x
redhat / enterprise_linux_server_tus	7.6	7.6.x
redhat / enterprise_linux_server_aus	7.6	7.6.x
redhat / enterprise_linux_eus	7.6	7.6.x
redhat / enterprise_linux_server_aus	7.7	7.7.x
redhat / enterprise_linux_server_tus	7.7	7.7.x
redhat / enterprise_linux_eus	7.7	7.7.x
redhat / enterprise_linux_for_power_big_endian_eus	7.4_ppc64	7.4_ppc64.x
redhat / enterprise_linux_for_power_big_endian_eus	7.5_ppc64	7.5_ppc64.x
redhat / enterprise_linux_for_power_big_endian_eus	7.6_ppc64	7.6_ppc64.x
redhat / enterprise_linux_for_power_big_endian_eus	7.7_ppc64	7.7_ppc64.x
redhat / fuse	1.0	1.0.x
redhat / enterprise_linux_for_power_big_endian	7.0_ppc64	7.0_ppc64.x
redhat / enterprise_linux_for_ibm_z_systems	7.0_s390x	7.0_s390x.x
redhat / enterprise_linux_eus_compute_node	7.7	7.7.x
redhat / enterprise_linux_eus_compute_node	7.6	7.6.x
redhat / enterprise_linux_eus_compute_node	7.5	7.5.x
redhat / enterprise_linux_eus_compute_node	7.4	7.4.x
redhat / enterprise_linux_for_power_little_endian_eus	7.7_ppc64le	7.7_ppc64le.x
redhat / enterprise_linux_for_power_little_endian_eus	7.6_ppc64le	7.6_ppc64le.x
redhat / enterprise_linux_for_power_little_endian_eus	7.5_ppc64le	7.5_ppc64le.x
redhat / enterprise_linux_for_power_little_endian_eus	7.4_ppc64le	7.4_ppc64le.x
redhat / enterprise_linux_for_ibm_z_systems_eus	7.7_s390x	7.7_s390x.x
redhat / enterprise_linux_for_ibm_z_systems_eus	7.6_s390x	7.6_s390x.x
redhat / enterprise_linux_for_ibm_z_systems_eus	7.5_s390x	7.5_s390x.x
redhat / enterprise_linux_for_ibm_z_systems_eus	7.4_s390x	7.4_s390x.x
redhat / enterprise_linux_for_power_big_endian	6.0_ppc64	6.0_ppc64.x
redhat / enterprise_linux_for_ibm_z_systems	6.0_s390x	6.0_s390x.x

Vulnerability Database

289,599

CVE-2017-12617