Web Attack: Apache Tomcat CVE-2017-12617

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to exploit a security bypass vulnerability in Apache Tomcat.

Additional Information

Apache Tomcat is prone to a remote code-execution vulnerability. Specifically, this issue occurs when the HTTP PUT method is enabled. Successful exploits may allow an attacker to upload a JSP file to the server using a specially crafted request.

Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the affected application.

Apache Tomcat 7.0.81 and prior versions are vulnerable.

NOTE: This issue is the result of an incomplete fix for the issue described in BID 100901 (Apache Tomcat CVE-2017-12615 Remote Code Execution Vulnerability).

Affected

  • Apache Tomcat 7.0.81 and prior versions are vulnerable.