Oval Definition:oval:org.opensuse.security:def:201712615
Revision Date:2022-09-02Version:1
Title:CVE-2017-12615
Description:

When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2017-12615
SUSE-SU-2017:3059-1
Mitre CVE-2017-12615
SUSE CVE-2017-12615
SUSE-SU-2017:3059-1
Platform(s):SUSE Linux Enterprise High Performance Computing 12 SP5
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server 12-LTSS
SUSE Linux Enterprise Server for SAP Applications 12 SP3
SUSE Linux Enterprise Server for SAP Applications 12 SP4
SUSE Linux Enterprise Server for SAP Applications 12 SP5
SUSE Linux Enterprise Server for SAP Applications 12-LTSS
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Server 12-LTSS is installed
  • AND Package Information
  • tomcat-7.0.82-7.16.1 is installed
  • OR tomcat-admin-webapps-7.0.82-7.16.1 is installed
  • OR tomcat-docs-webapp-7.0.82-7.16.1 is installed
  • OR tomcat-el-2_2-api-7.0.82-7.16.1 is installed
  • OR tomcat-javadoc-7.0.82-7.16.1 is installed
  • OR tomcat-jsp-2_2-api-7.0.82-7.16.1 is installed
  • OR tomcat-lib-7.0.82-7.16.1 is installed
  • OR tomcat-servlet-3_0-api-7.0.82-7.16.1 is installed
  • OR tomcat-webapps-7.0.82-7.16.1 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 12-LTSS is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12-LTSS is installed
  • AND Package Information
  • tomcat-7.0.82-7.16 is installed
  • OR tomcat-admin-webapps-7.0.82-7.16 is installed
  • OR tomcat-docs-webapp-7.0.82-7.16 is installed
  • OR tomcat-el-2_2-api-7.0.82-7.16 is installed
  • OR tomcat-javadoc-7.0.82-7.16 is installed
  • OR tomcat-jsp-2_2-api-7.0.82-7.16 is installed
  • OR tomcat-lib-7.0.82-7.16 is installed
  • OR tomcat-servlet-3_0-api-7.0.82-7.16 is installed
  • OR tomcat-webapps-7.0.82-7.16 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed
  • AND tomcat is affected
  • OR Package Information
  • SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed
  • AND
  • tomcat is affected
  • OR tomcat-admin-webapps is affected
  • OR tomcat-docs-webapp is affected
  • OR tomcat-el-3_0-api is affected
  • OR tomcat-javadoc is affected
  • OR tomcat-jsp-2_3-api is affected
  • OR tomcat-lib is affected
  • OR tomcat-servlet-3_1-api is affected
  • OR tomcat-webapps is affected
  • OR Package Information
  • SUSE Linux Enterprise Server 12 SP5 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed
  • AND
  • tomcat is affected
  • OR tomcat-admin-webapps is affected
  • OR tomcat-docs-webapp is affected
  • OR tomcat-el-3_0-api is affected
  • OR tomcat-javadoc is affected
  • OR tomcat-jsp-2_3-api is affected
  • OR tomcat-lib is affected
  • OR tomcat-servlet-4_0-api is affected
  • OR tomcat-webapps is affected
  • OR Package Information
  • SUSE Linux Enterprise Server 12-LTSS is installed
  • AND
  • tomcat-7.0.82-7.16.1 is installed
  • OR tomcat-admin-webapps-7.0.82-7.16.1 is installed
  • OR tomcat-docs-webapp-7.0.82-7.16.1 is installed
  • OR tomcat-el-2_2-api-7.0.82-7.16.1 is installed
  • OR tomcat-javadoc-7.0.82-7.16.1 is installed
  • OR tomcat-jsp-2_2-api-7.0.82-7.16.1 is installed
  • OR tomcat-lib-7.0.82-7.16.1 is installed
  • OR tomcat-servlet-3_0-api-7.0.82-7.16.1 is installed
  • OR tomcat-webapps-7.0.82-7.16.1 is installed
    • Definition Synopsis
  • Release Information
  • SUSE OpenStack Cloud 8 is installed
  • OR SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • tomcat is affected
  • OR tomcat-admin-webapps is affected
  • OR tomcat-docs-webapp is affected
  • OR tomcat-el-3_0-api is affected
  • OR tomcat-javadoc is affected
  • OR tomcat-jsp-2_3-api is affected
  • OR tomcat-lib is affected
  • OR tomcat-servlet-3_1-api is affected
  • OR tomcat-webapps is affected
    • Definition Synopsis
  • Release Information
  • SUSE OpenStack Cloud 9 is installed
  • OR SUSE OpenStack Cloud Crowbar 9 is installed
  • AND Package Information
  • tomcat is affected
  • OR tomcat-admin-webapps is affected
  • OR tomcat-docs-webapp is affected
  • OR tomcat-el-3_0-api is affected
  • OR tomcat-javadoc is affected
  • OR tomcat-jsp-2_3-api is affected
  • OR tomcat-lib is affected
  • OR tomcat-servlet-4_0-api is affected
  • OR tomcat-webapps is affected
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise High Performance Computing 12 SP5 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed
  • AND tomcat is affected
  • OR Package Information
  • SUSE Linux Enterprise Server 12 SP5 is installed
  • AND
  • tomcat is affected
  • OR tomcat-admin-webapps is affected
  • OR tomcat-docs-webapp is affected
  • OR tomcat-el-3_0-api is affected
  • OR tomcat-javadoc is affected
  • OR tomcat-jsp-2_3-api is affected
  • OR tomcat-lib is affected
  • OR tomcat-servlet-4_0-api is affected
  • OR tomcat-webapps is affected
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed
  • AND Package Information
  • tomcat is affected
  • OR tomcat-admin-webapps is affected
  • OR tomcat-docs-webapp is affected
  • OR tomcat-el-3_0-api is affected
  • OR tomcat-javadoc is affected
  • OR tomcat-jsp-2_3-api is affected
  • OR tomcat-lib is affected
  • OR tomcat-servlet-4_0-api is affected
  • OR tomcat-webapps is affected
    • BACK