Apache Tomcat HTTP PUT Request Code Execution Vulnerability - Windows CVE-2017-12615
- CVSSv3 Score
- Vulnerability description
Apache Tomcat is prone to a code execution vulnerability.
- Risk description
The flaw is due to an insufficient processing of HTTP PUT Request, which allows uploading of an arbitrary JSP file to the target system and then request the file to execute arbitrary code on the target system. Successful exploitation will allow remote attackers to execute arbitrary code on the target system.
Upgrade to Tomcat version 7.0.81 or later.
- Not available