This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
This signature detects attempts to exploit a security bypass vulnerability in Apache Tomcat.
Apache Tomcat is prone to a remote code-execution vulnerability. Specifically, this issue occur when HTTP PUT method enabled. Successful exploits may allow an attackers to upload a JSP file to the server using a specially crafted request.
Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the affected application.
Apache Tomcat 7.0.81 and prior versions are vulnerable.
NOTE: This issue is the result of an incomplete fix for the issue described in BID 100901 (Apache Tomcat CVE-2017-12615 Remote Code Execution Vulnerability).
- Apache Tomcat 7.0.81 and prior versions are vulnerable.