CVE-2017-12617 - Apache Tomcat Remote Code Execution Vulnerability
Project:Apache
Product:Tomcat
Date Added:2022-03-25Due Date:2022-04-15
Vulnerability Name
Apache Tomcat Remote Code Execution Vulnerability
Description
When running Apache Tomcat, it is possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2017-12617