CVE-2017-12617
- Source
- https://cve.org/CVERecord?id=CVE-2017-12617
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-12617.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2017-12617
- Aliases
- Downstream
- Related
- Published
- 2017-10-04T01:29:02.120Z
- Modified
- 2026-05-16T04:00:59.675015798Z
- Severity
-
- 8.1 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.
- Database specific
{ "unresolved_ranges": [ { "cpes": [ "cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*" ], "source": "CPE_FIELD", "vendor_product": "apache:tomcat", "extracted_events": [ { "introduced": "8.0" }, { "fixed": "8.0.47" } ] }, { "cpes": [ "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:esm:*:*:*" ], "source": "CPE_FIELD", "vendor_product": "canonical:ubuntu_linux", "extracted_events": [ { "last_affected": "12.04" }, { "last_affected": "16.04" }, { "last_affected": "17.10" }, { "last_affected": "18.04" } ] }, { "cpes": [ "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" ], "source": "CPE_FIELD", "vendor_product": "debian:debian_linux", "extracted_events": [ { "last_affected": "7.0" } ] }, { "cpes": [ "cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:*", "cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*" ], "source": "CPE_FIELD", "vendor_product": "netapp:active_iq_unified_manager", "extracted_events": [ { "introduced": "7.3" }, { "introduced": "9.5" } ] }, { "cpes": [ "cpe:2.3:a:oracle:agile_plm:9.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:agile_plm:9.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:agile_plm:9.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:agile_plm:9.3.6:*:*:*:*:*:*:*" ], "vendor_product": "oracle:agile_plm", "source": "CPE_FIELD", "extracted_events": [ { "last_affected": "9.3.3" }, { "last_affected": "9.3.4" }, { "last_affected": "9.3.5" }, { "last_affected": "9.3.6" } ] }, { "cpes": [ "cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1:*:*:*:*:*:*:*" ], "source": "CPE_FIELD", "vendor_product": "oracle:communications_instant_messaging_server", "extracted_events": [ { "last_affected": "10.0.1" } ] }, { "cpes": [ "cpe:2.3:a:oracle:endeca_information_discovery_integrator:3.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:endeca_information_discovery_integrator:3.2.0:*:*:*:*:*:*:*" ], "source": "CPE_FIELD", "vendor_product": "oracle:endeca_information_discovery_integrator", "extracted_events": [ { "last_affected": "3.1.0" }, { "last_affected": "3.2.0" } ] }, { "cpes": [ "cpe:2.3:a:oracle:enterprise_manager_for_mysql_database:12.1.0.4.0:*:*:*:*:*:*:*" ], "source": "CPE_FIELD", "vendor_product": "oracle:enterprise_manager_for_mysql_database", "extracted_events": [ { "last_affected": "12.1.0.4.0" } ] }, { "cpes": [ "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*" ], "source": "CPE_FIELD", "vendor_product": "oracle:financial_services_analytical_applications_infrastructure", "extracted_events": [ { "introduced": "7.3.3.0.0" }, { "last_affected": "7.3.5.3.0" }, { "introduced": "8.0.0.0.0" }, { "last_affected": "8.0.9.0.0" } ] }, { "cpes": [ "cpe:2.3:a:oracle:fmw_platform:12.2.1.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:fmw_platform:12.2.1.3.0:*:*:*:*:*:*:*" ], "source": "CPE_FIELD", "vendor_product": "oracle:fmw_platform", "extracted_events": [ { "last_affected": "12.2.1.2.0" }, { "last_affected": "12.2.1.3.0" } ] }, { "cpes": [ "cpe:2.3:a:oracle:health_sciences_empirica_inspections:1.0.1.1:*:*:*:*:*:*:*" ], "source": "CPE_FIELD", "vendor_product": "oracle:health_sciences_empirica_inspections", "extracted_events": [ { "last_affected": "1.0.1.1" } ] }, { "cpes": [ "cpe:2.3:a:oracle:hospitality_guest_access:4.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:hospitality_guest_access:4.2.1:*:*:*:*:*:*:*" ], "source": "CPE_FIELD", "vendor_product": "oracle:hospitality_guest_access", "extracted_events": [ { "last_affected": "4.2.0" }, { "last_affected": "4.2.1" } ] }, { "cpes": [ "cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*" ], "vendor_product": "oracle:instantis_enterprisetrack", "source": "CPE_FIELD", "extracted_events": [ { "last_affected": "17.1" }, { "last_affected": "17.2" } ] }, { "cpes": [ "cpe:2.3:a:oracle:management_pack:11.2.1.0.13:*:*:*:*:goldengate:*:*" ], "source": "CPE_FIELD", "vendor_product": "oracle:management_pack", "extracted_events": [ { "last_affected": "11.2.1.0.13" } ] }, { "cpes": [ "cpe:2.3:a:oracle:micros_lucas:2.9.5:*:*:*:*:*:*:*" ], "source": "CPE_FIELD", "vendor_product": "oracle:micros_lucas", "extracted_events": [ { "last_affected": "2.9.5" } ] }, { "cpes": [ "cpe:2.3:a:oracle:micros_retail_xbri_loss_prevention:10.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:micros_retail_xbri_loss_prevention:10.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:micros_retail_xbri_loss_prevention:10.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:micros_retail_xbri_loss_prevention:10.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:micros_retail_xbri_loss_prevention:10.8.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:micros_retail_xbri_loss_prevention:10.8.1:*:*:*:*:*:*:*" ], "source": "CPE_FIELD", "vendor_product": "oracle:micros_retail_xbri_loss_prevention", "extracted_events": [ { "last_affected": "10.0.1" }, { "last_affected": "10.5.0" }, { "last_affected": "10.6.0" }, { "last_affected": "10.7.0" }, { "last_affected": "10.8.0" }, { "last_affected": "10.8.1" } ] }, { "cpes": [ "cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*" ], "source": "CPE_FIELD", "vendor_product": "oracle:mysql_enterprise_monitor", "extracted_events": [ { "last_affected": "3.3.6.3293" }, { "introduced": "3.4.0" }, { "last_affected": "3.4.4.4226" }, { "introduced": "4.0.0" }, { "last_affected": "4.0.0.5135" } ] }, { "cpes": [ "cpe:2.3:a:oracle:retail_advanced_inventory_planning:13.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_advanced_inventory_planning:13.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_advanced_inventory_planning:14.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_advanced_inventory_planning:15.0:*:*:*:*:*:*:*" ], "source": "CPE_FIELD", "vendor_product": "oracle:retail_advanced_inventory_planning", "extracted_events": [ { "last_affected": "13.2" }, { "last_affected": "13.4" }, { "last_affected": "14.1" }, { "last_affected": "15.0" } ] }, { "cpes": [ "cpe:2.3:a:oracle:retail_back_office:14.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_back_office:14.1.3:*:*:*:*:*:*:*" ], "vendor_product": "oracle:retail_back_office", "source": "CPE_FIELD", "extracted_events": [ { "last_affected": "14.0.4" }, { "last_affected": "14.1.3" } ] }, { "cpes": [ "cpe:2.3:a:oracle:retail_central_office:14.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_central_office:14.1.3:*:*:*:*:*:*:*" ], "source": "CPE_FIELD", "vendor_product": "oracle:retail_central_office", "extracted_events": [ { "last_affected": "14.0.4" }, { "last_affected": "14.1.3" } ] }, { "cpes": [ "cpe:2.3:a:oracle:retail_convenience_and_fuel_pos_software:2.1.132:*:*:*:*:*:*:*" ], "source": "CPE_FIELD", "vendor_product": "oracle:retail_convenience_and_fuel_pos_software", "extracted_events": [ { "last_affected": "2.1.132" } ] }, { "cpes": [ "cpe:2.3:a:oracle:retail_eftlink:1.1.124:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_eftlink:15.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_eftlink:16.0.2:*:*:*:*:*:*:*" ], "source": "CPE_FIELD", "vendor_product": "oracle:retail_eftlink", "extracted_events": [ { "last_affected": "1.1.124" }, { "last_affected": "15.0.1" }, { "last_affected": "16.0.2" } ] }, { "cpes": [ "cpe:2.3:a:oracle:retail_insights:14.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_insights:14.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_insights:15.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_insights:16.0:*:*:*:*:*:*:*" ], "source": "CPE_FIELD", "vendor_product": "oracle:retail_insights", "extracted_events": [ { "last_affected": "14.0" }, { "last_affected": "14.1" }, { "last_affected": "15.0" }, { "last_affected": "16.0" } ] }, { "cpes": [ "cpe:2.3:a:oracle:retail_invoice_matching:12.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_invoice_matching:13.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_invoice_matching:13.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_invoice_matching:13.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_invoice_matching:14.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_invoice_matching:14.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_invoice_matching:15.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_invoice_matching:16.0:*:*:*:*:*:*:*" ], "source": "CPE_FIELD", "vendor_product": "oracle:retail_invoice_matching", "extracted_events": [ { "last_affected": "12.0" }, { "last_affected": "13.0" }, { "last_affected": "13.1" }, { "last_affected": "13.2" }, { "last_affected": "14.0" }, { "last_affected": "14.1" }, { "last_affected": "15.0" }, { "last_affected": "16.0" } ] }, { "cpes": [ "cpe:2.3:a:oracle:retail_order_broker:15.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_order_broker:16.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_order_broker:5.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_order_broker:5.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_order_broker:5.2:*:*:*:*:*:*:*" ], "source": "CPE_FIELD", "vendor_product": "oracle:retail_order_broker", "extracted_events": [ { "last_affected": "5.0" }, { "last_affected": "5.1" }, { "last_affected": "5.2" }, { "last_affected": "15.0" }, { "last_affected": "16.0" } ] }, { "cpes": [ "cpe:2.3:a:oracle:retail_order_management_system:4.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_order_management_system:4.5:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_order_management_system:4.7:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_order_management_system:5.0:*:*:*:*:*:*:*" ], "source": "CPE_FIELD", "vendor_product": "oracle:retail_order_management_system", "extracted_events": [ { "last_affected": "4.0" }, { "last_affected": "4.5" }, { "last_affected": "4.7" }, { "last_affected": "5.0" } ] }, { "cpes": [ "cpe:2.3:a:oracle:retail_point-of-service:14.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_point-of-service:14.1.3:*:*:*:*:*:*:*" ], "source": "CPE_FIELD", "vendor_product": "oracle:retail_point-of-service", "extracted_events": [ { "last_affected": "14.0.4" }, { "last_affected": "14.1.3" } ] }, { "cpes": [ "cpe:2.3:a:oracle:retail_price_management:12.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_price_management:13.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_price_management:13.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_price_management:13.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_price_management:14.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_price_management:14.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_price_management:15.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_price_management:16.0:*:*:*:*:*:*:*" ], "vendor_product": "oracle:retail_price_management", "source": "CPE_FIELD", "extracted_events": [ { "last_affected": "12.0" }, { "last_affected": "13.0" }, { "last_affected": "13.1" }, { "last_affected": "13.2" }, { "last_affected": "14.0" }, { "last_affected": "14.1" }, { "last_affected": "15.0" }, { "last_affected": "16.0" } ] }, { "cpes": [ "cpe:2.3:a:oracle:retail_returns_management:14.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_returns_management:14.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_returns_management:2.3.8:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_returns_management:2.4.9:*:*:*:*:*:*:*" ], "source": "CPE_FIELD", "vendor_product": "oracle:retail_returns_management", "extracted_events": [ { "last_affected": "2.3.8" }, { "last_affected": "2.4.9" }, { "last_affected": "14.0.4" }, { "last_affected": "14.1.3" } ] }, { "cpes": [ "cpe:2.3:a:oracle:retail_store_inventory_management:12.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_store_inventory_management:13.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_store_inventory_management:13.1.9:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_store_inventory_management:13.2.9:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_store_inventory_management:14.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_store_inventory_management:14.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_store_inventory_management:15.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_store_inventory_management:16.0.1:*:*:*:*:*:*:*" ], "vendor_product": "oracle:retail_store_inventory_management", "source": "CPE_FIELD", "extracted_events": [ { "last_affected": "12.0.12" }, { "last_affected": "13.0.7" }, { "last_affected": "13.1.9" }, { "last_affected": "13.2.9" }, { "last_affected": "14.0.4" }, { "last_affected": "14.1.3" }, { "last_affected": "15.0.2" }, { "last_affected": "16.0.1" } ] }, { "cpes": [ "cpe:2.3:a:oracle:retail_xstore_point_of_service:15.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_xstore_point_of_service:6.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_xstore_point_of_service:7.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1.6:*:*:*:*:*:*:*" ], "source": "CPE_FIELD", "vendor_product": "oracle:retail_xstore_point_of_service", "extracted_events": [ { "last_affected": "6.0.11" }, { "last_affected": "7.0.6" }, { "last_affected": "7.1.6" }, { "last_affected": "15.0.1" } ] }, { "cpes": [ "cpe:2.3:a:oracle:transportation_management:6.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:transportation_management:6.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:transportation_management:6.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:transportation_management:6.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:transportation_management:6.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:transportation_management:6.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:transportation_management:6.3.7:*:*:*:*:*:*:*" ], "source": "CPE_FIELD", "vendor_product": "oracle:transportation_management", "extracted_events": [ { "last_affected": "6.3.1" }, { "last_affected": "6.3.2" }, { "last_affected": "6.3.3" }, { "last_affected": "6.3.4" }, { "last_affected": "6.3.5" }, { "last_affected": "6.3.6" }, { "last_affected": "6.3.7" } ] }, { "cpes": [ "cpe:2.3:a:oracle:tuxedo_system_and_applications_monitor:12.1.3.0.0:*:*:*:*:*:*:*" ], "source": "CPE_FIELD", "vendor_product": "oracle:tuxedo_system_and_applications_monitor", "extracted_events": [ { "last_affected": "12.1.3.0.0" } ] }, { "cpes": [ "cpe:2.3:a:oracle:webcenter_sites:11.1.1.8.0:*:*:*:*:*:*:*" ], "source": "CPE_FIELD", "vendor_product": "oracle:webcenter_sites", "extracted_events": [ { "last_affected": "11.1.1.8.0" } ] }, { "cpes": [ "cpe:2.3:a:oracle:workload_manager:12.2.0.1:*:*:*:*:*:*:*" ], "source": "CPE_FIELD", "vendor_product": "oracle:workload_manager", "extracted_events": [ { "last_affected": "12.2.0.1" } ] }, { "cpes": [ "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" ], "source": "CPE_FIELD", "vendor_product": "redhat:enterprise_linux_desktop", "extracted_events": [ { "last_affected": "6.0" }, { "last_affected": "7.0" } ] }, { "cpes": [ "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*" ], "source": "CPE_FIELD", "vendor_product": "redhat:enterprise_linux_eus", "extracted_events": [ { "last_affected": "7.4" }, { "last_affected": "7.5" }, { "last_affected": "7.6" }, { "last_affected": "7.7" } ] }, { "cpes": [ "cpe:2.3:o:redhat:enterprise_linux_eus_compute_node:7.4:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_eus_compute_node:7.5:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_eus_compute_node:7.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_eus_compute_node:7.7:*:*:*:*:*:*:*" ], "source": "CPE_FIELD", "vendor_product": "redhat:enterprise_linux_eus_compute_node", "extracted_events": [ { "last_affected": "7.4" }, { "last_affected": "7.5" }, { "last_affected": "7.6" }, { "last_affected": "7.7" } ] }, { "cpes": [ "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.0_s390x:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0_s390x:*:*:*:*:*:*:*" ], "source": "CPE_FIELD", "vendor_product": "redhat:enterprise_linux_for_ibm_z_systems", "extracted_events": [ { "last_affected": "6.0_s390x" }, { "last_affected": "7.0_s390x" } ] }, { "cpes": [ "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.4_s390x:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.5_s390x:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.6_s390x:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.7_s390x:*:*:*:*:*:*:*" ], "source": "CPE_FIELD", "vendor_product": "redhat:enterprise_linux_for_ibm_z_systems_eus", "extracted_events": [ { "last_affected": "7.4_s390x" }, { "last_affected": "7.5_s390x" }, { "last_affected": "7.6_s390x" }, { "last_affected": "7.7_s390x" } ] }, { "cpes": [ "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.0_ppc64:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0_ppc64:*:*:*:*:*:*:*" ], "vendor_product": "redhat:enterprise_linux_for_power_big_endian", "source": "CPE_FIELD", "extracted_events": [ { "last_affected": "6.0_ppc64" }, { "last_affected": "7.0_ppc64" } ] }, { "cpes": [ "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.4_ppc64:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.5_ppc64:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.6_ppc64:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.7_ppc64:*:*:*:*:*:*:*" ], "vendor_product": "redhat:enterprise_linux_for_power_big_endian_eus", "source": "CPE_FIELD", "extracted_events": [ { "last_affected": "7.4_ppc64" }, { "last_affected": "7.5_ppc64" }, { "last_affected": "7.6_ppc64" }, { "last_affected": "7.7_ppc64" } ] }, { "cpes": [ "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0:*:*:*:*:*:*:*" ], "source": "CPE_FIELD", "vendor_product": "redhat:enterprise_linux_for_power_little_endian", "extracted_events": [ { "last_affected": "7.0" } ] }, { "cpes": [ "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.4_ppc64le:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.5_ppc64le:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.6_ppc64le:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.7_ppc64le:*:*:*:*:*:*:*" ], "source": "CPE_FIELD", "vendor_product": "redhat:enterprise_linux_for_power_little_endian_eus", "extracted_events": [ { "last_affected": "7.4_ppc64le" }, { "last_affected": "7.5_ppc64le" }, { "last_affected": "7.6_ppc64le" }, { "last_affected": "7.7_ppc64le" } ] }, { "cpes": [ "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" ], "source": "CPE_FIELD", "vendor_product": "redhat:enterprise_linux_server", "extracted_events": [ { "last_affected": "6.0" }, { "last_affected": "7.0" } ] }, { "cpes": [ "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*" ], "vendor_product": "redhat:enterprise_linux_server_aus", "source": "CPE_FIELD", "extracted_events": [ { "last_affected": "7.4" }, { "last_affected": "7.6" }, { "last_affected": "7.7" } ] }, { "cpes": [ "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*" ], "vendor_product": "redhat:enterprise_linux_server_tus", "source": "CPE_FIELD", "extracted_events": [ { "last_affected": "7.4" }, { "last_affected": "7.6" }, { "last_affected": "7.7" } ] }, { "cpes": [ "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" ], "source": "CPE_FIELD", "vendor_product": "redhat:enterprise_linux_workstation", "extracted_events": [ { "last_affected": "6.0" }, { "last_affected": "7.0" } ] }, { "cpes": [ "cpe:2.3:a:redhat:fuse:1.0:*:*:*:*:*:*:*" ], "source": "CPE_FIELD", "vendor_product": "redhat:fuse", "extracted_events": [ { "last_affected": "1.0" } ] }, { "cpes": [ "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*" ], "source": "CPE_FIELD", "vendor_product": "redhat:jboss_enterprise_application_platform", "extracted_events": [ { "last_affected": "6.0.0" }, { "last_affected": "6.4.0" } ] }, { "cpes": [ "cpe:2.3:a:redhat:jboss_enterprise_web_server:2.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:jboss_enterprise_web_server:3.0.0:*:*:*:*:*:*:*" ], "source": "CPE_FIELD", "vendor_product": "redhat:jboss_enterprise_web_server", "extracted_events": [ { "last_affected": "2.0.0" }, { "last_affected": "3.0.0" } ] } ] }- References
-
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-12617
- http://www.securityfocus.com/bid/100954
- http://www.securitytracker.com/id/1039552
- https://access.redhat.com/errata/RHSA-2017:3080
- https://access.redhat.com/errata/RHSA-2017:3081
- https://access.redhat.com/errata/RHSA-2017:3113
- https://access.redhat.com/errata/RHSA-2017:3114
- https://access.redhat.com/errata/RHSA-2018:0268
- https://access.redhat.com/errata/RHSA-2018:0269
- https://access.redhat.com/errata/RHSA-2018:0270
- https://access.redhat.com/errata/RHSA-2018:0271
- https://access.redhat.com/errata/RHSA-2018:0275
- https://access.redhat.com/errata/RHSA-2018:0465
- https://access.redhat.com/errata/RHSA-2018:0466
- https://access.redhat.com/errata/RHSA-2018:2939
- https://lists.debian.org/debian-lts-announce/2017/11/msg00009.html
- https://security.netapp.com/advisory/ntap-20171018-0002/
- https://security.netapp.com/advisory/ntap-20180117-0002/
- https://support.f5.com/csp/article/K53173544
- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03812en_us
- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03828en_us
- https://usn.ubuntu.com/3665-1/
- https://lists.apache.org/thread.html/3fd341a604c4e9eab39e7eaabbbac39c30101a022acc11dd09d7ebcb%40%3Cannounce.tomcat.apache.org%3E
- http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
- http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
- http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
- https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E
- https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a%40%3Cdev.tomcat.apache.org%3E
- https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
- https://www.exploit-db.com/exploits/42966/
- https://www.exploit-db.com/exploits/43008/