Apache Tomcat - Remote Code Execution (CVE-2017-12617)
- Severity
- CVSSv3 Score
- 8.1
- Vulnerability description
Apache Tomcat is affected by a Remote Code Execution vulnerability. Its root cause is an insecure servlet context configuration with readonly=false and the HTTP PUT method allowed. An unauthenticated remote attacker can therefore use the PUT method to upload JSP files to the server and execute them.
- Risk description
The risk exists that a remote unauthenticated attacker can fully compromise the server in order to steal confidential information, install ransomware, or pivot to the internal network.
- Exploit capabilities
Sniper can gain unauthenticated Remote Code Execution on the target system and extract multiple artefacts as evidence.
- Recommendation
Upgrade Apache Tomcat to the latest version, or to a version higher than 9.0.0, 8.5.22, 8.0.46 or 7.0.81.
- Codename
- Not available
- Detectable with
- Network Scanner
- Exploitable with Sniper
- Yes
- Vuln date
- Oct 2017
- Published at
- Updated at
- Software Type
- Web server
- Vendor
- Apache
- Product
- Tomcat