Apache Tomcat - Remote Code Execution (CVE-2017-12617)
- CVSSv3 Score
- Vulnerability description
Apache Tomcat is affected by a Remote Code Execution vulnerability. The root cause is an insecure servlet configuration: the DefaultServlet is configured with readonly=false, which enables the HTTP PUT method on the web application. An unauthenticated remote attacker can therefore use PUT to upload JSP files to the server and then request them, executing arbitrary code with the privileges of the Tomcat process.
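The upload described above leaves a clear trace in the Tomcat access log: a PUT request whose path names a JSP and whose response is a 2xx (the DefaultServlet answers 201 Created for a new file). The following detection logic is an added example, not code from the original advisory or from Sniper. It parses lines in Tomcat's AccessLogValve "common" pattern (`%h %l %u %t "%r" %s %b`), normalises the request path (URL-decode, strip a trailing slash or space, since a trailing "/" is the request form this CVE's public advisory describes and "%20" is a common encoded variant) and reports successful PUTs of .jsp/.jspx files. The log lines are constructed for the example.

```python
import re
from urllib.parse import unquote

# Tomcat AccessLogValve "common" pattern: %h %l %u %t "%r" %s %b
LOG_RE = re.compile(
    r'^(?P<host>\S+) \S+ (?P<user>\S+) \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) (?P<proto>[^"]+)" '
    r'(?P<status>\d{3}) (?P<bytes>\S+)$'
)

SCRIPT_SUFFIXES = (".jsp", ".jspx")

# Constructed sample log (not captured from a real server).
SAMPLE_LOG = """\
10.0.0.5 - - [01/Oct/2017:12:00:00 +0000] "GET /index.jsp HTTP/1.1" 200 1234
203.0.113.7 - - [01/Oct/2017:12:00:01 +0000] "PUT /shell.jsp/ HTTP/1.1" 201 -
203.0.113.7 - - [01/Oct/2017:12:00:02 +0000] "PUT /cmd.jsp%20 HTTP/1.1" 201 -
203.0.113.7 - - [01/Oct/2017:12:00:03 +0000] "GET /shell.jsp?cmd=id HTTP/1.1" 200 87
10.0.0.9 - - [01/Oct/2017:12:00:04 +0000] "PUT /uploads/report.txt HTTP/1.1" 201 -
203.0.113.8 - - [01/Oct/2017:12:00:05 +0000] "PUT /x.jsp HTTP/1.1" 403 -
""".splitlines()


def normalize_path(raw: str) -> str:
    """Drop the query string, URL-decode, and strip trailing '/' or spaces,
    so that variants such as '/shell.jsp/' or '/cmd.jsp%20' still end in .jsp."""
    path = unquote(raw.split("?", 1)[0])
    return path.rstrip("/ ")


def detect_jsp_put(lines):
    """Return (client, normalised path, status) for every successful PUT of a JSP."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if m is None:
            continue  # not in the expected format: skip rather than crash
        if m["method"] != "PUT":
            continue
        status = int(m["status"])
        path = normalize_path(m["path"])
        if 200 <= status < 300 and path.lower().endswith(SCRIPT_SUFFIXES):
            hits.append((m["host"], path, status))
    return hits


if __name__ == "__main__":
    for client, path, status in detect_jsp_put(SAMPLE_LOG):
        print(f"ALERT: {client} uploaded {path} (HTTP {status})")
```

Rejected uploads (the 403 line) are deliberately not alerted on here; a separate, lower-severity rule for any PUT attempt against a JSP path is a reasonable addition when hunting for scanners.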
- Risk description
A remote, unauthenticated attacker could fully compromise the server and use it to steal confidential information, install ransomware, or pivot into the internal network.
- Exploit capabilities
Sniper can gain unauthenticated Remote Code Execution on the target system and extract multiple artefacts as evidence.
- Recommendation
Upgrade Apache Tomcat to the latest version, or at least to a version higher than 9.0.0, 8.5.22, 8.0.46 or 7.0.81 (the fixed releases are 9.0.1, 8.5.23, 8.0.47 and 7.0.82). Independently of the upgrade, do not run the DefaultServlet with readonly set to false unless PUT/DELETE is genuinely required and restricted to authenticated users.
- Not available