Apache Tomcat is prone to a remote code-execution vulnerability.
Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the affected application.
Apache Tomcat 7.0.81 and prior versions are vulnerable.
NOTE: This issue is the result of an incomplete fix for the issue described in BID 100901 (Apache Tomcat CVE-2017-12615 Remote Code Execution Vulnerability).
Information
Redhat JBoss EWS 2
Apache Tomcat 7.0.81
Apache Tomcat 7.0.79
Apache Tomcat 7.0.78
Apache Tomcat 7.0.77
Apache Tomcat 7.0.76
Apache Tomcat 7.0.75
Apache Tomcat 7.0.74
Apache Tomcat 7.0.73
Apache Tomcat 7.0.72
Apache Tomcat 7.0.70
Apache Tomcat 7.0.69
Apache Tomcat 7.0.67
Apache Tomcat 7.0.65
Apache Tomcat 7.0.60
Apache Tomcat 7.0.59
Apache Tomcat 7.0.57
Apache Tomcat 7.0.54
Apache Tomcat 7.0.53
Apache Tomcat 7.0.50
Apache Tomcat 7.0.33
Apache Tomcat 7.0.32
Apache Tomcat 7.0.31
Apache Tomcat 7.0.30
Apache Tomcat 7.0.29
Apache Tomcat 7.0.28
Apache Tomcat 7.0.27
Apache Tomcat 7.0.26
Apache Tomcat 7.0.25
Apache Tomcat 7.0.24
Apache Tomcat 7.0.23
Apache Tomcat 7.0.17
Apache Tomcat 7.0.16
Apache Tomcat 7.0.15
Apache Tomcat 7.0.14
Apache Tomcat 7.0.13
Apache Tomcat 7.0.12
Apache Tomcat 7.0.9
Apache Tomcat 7.0.8
Apache Tomcat 7.0.7
Apache Tomcat 7.0.6
Apache Tomcat 7.0.4
Apache Tomcat 7.0.3
Apache Tomcat 7.0.2
Apache Tomcat 7.0.1
Apache Tomcat 7.0
Apache Tomcat 7.0.68
Apache Tomcat 7.0.55
Apache Tomcat 7.0.5
Apache Tomcat 7.0.49
Apache Tomcat 7.0.48
Apache Tomcat 7.0.47
Apache Tomcat 7.0.46
Apache Tomcat 7.0.45
Apache Tomcat 7.0.44
Apache Tomcat 7.0.43
Apache Tomcat 7.0.42
Apache Tomcat 7.0.41
Apache Tomcat 7.0.40
Apache Tomcat 7.0.39
Apache Tomcat 7.0.38
Apache Tomcat 7.0.37
Apache Tomcat 7.0.36
Apache Tomcat 7.0.35
Apache Tomcat 7.0.34
Apache Tomcat 7.0.22
Apache Tomcat 7.0.21
Apache Tomcat 7.0.20
Apache Tomcat 7.0.19
Apache Tomcat 7.0.18
Apache Tomcat 7.0.11
Apache Tomcat 7.0.10
Exploit
The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.
References:
- CVE-2017-12617 (Redhat)
- Apache Homepage (Apache)
- changelog.xml (Apache)
- Bug 1494283 - (CVE-2017-12617) CVE-2017-12617 tomcat: Remote Code Execution byp (Redhat)
- Bug 61542 - Apache Tomcat Remote Code Execution via JSP Upload bypass (Apache)