Vulnerability Name:

CVE-2017-12615 (CCN-132277)

Assigned:2017-09-19
Published:2017-09-19
Updated:2019-04-15
Summary:When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.
CVSS v3 Severity:8.1 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
7.1 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
8.1 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
7.1 High (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
8.1 High (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
7.1 High (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
7.6 High (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-434
CWE-20
Vulnerability Consequences:Gain Access
References:Source: MISC
Type: UNKNOWN
http://breaktoprotect.blogspot.com/2017/09/the-case-of-cve-2017-12615-tomcat-7-put.html

Source: MITRE
Type: CNA
CVE-2017-12615

Source: CCN
Type: IBM Security Bulletin 2008294 (Rational License Key Server)
Multiple Security Vulnerabilities in Apache Tomcat affect IBM Rational License Key Server Administration and Reporting Tool

Source: CCN
Type: IBM Security Bulletin 2010523 (Rational Build Forge)
Rational Build Forge Security Advisory for Apache HTTPD, Apache Tomcat and OpenSSL Upgrade

Source: CCN
Type: IBM Security Bulletin 2010577 (Tivoli Application Dependency Discovery Manager)
Open Source Apache Tomcat vulnerabilities affect IBM Tivoli Application Dependency Discovery Manager (TADDM) (CVE-2017-12615, CVE-2017-12616, CVE-2017-12617)

Source: CCN
Type: IBM Security Bulletin 2011364 (OpenPages GRC Platform)
IBM OpenPages GRC Platform has addressed multiple Apache Tomcat vulnerabilities.

Source: CCN
Type: IBM Security Bulletin 2011500 (Integration Bus)
IBM Integration Bus is affected by Open Source Apache Tomcat Vulnerabilities (CVE-2017-12617,CVE-2017-12615)

Source: BID
Type: Third Party Advisory, VDB Entry
100901

Source: CCN
Type: BID-100901
Apache Tomcat CVE-2017-12615 Remote Code Execution Vulnerability

Source: SECTRACK
Type: Third Party Advisory, VDB Entry
1039392

Source: REDHAT
Type: UNKNOWN
RHSA-2017:3080

Source: REDHAT
Type: UNKNOWN
RHSA-2017:3081

Source: REDHAT
Type: UNKNOWN
RHSA-2017:3113

Source: REDHAT
Type: UNKNOWN
RHSA-2017:3114

Source: REDHAT
Type: UNKNOWN
RHSA-2018:0465

Source: REDHAT
Type: UNKNOWN
RHSA-2018:0466

Source: XF
Type: UNKNOWN
apache-tomcat-cve201712615-code-exec(132277)

Source: MISC
Type: UNKNOWN
https://github.com/breaktoprotect/CVE-2017-12615

Source: MLIST
Type: UNKNOWN
[tomcat-dev] 20190325 svn commit: r1856174 [22/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/

Source: MLIST
Type: UNKNOWN
[tomcat-dev] 20190415 svn commit: r1857582 [17/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/

Source: MLIST
Type: UNKNOWN
[tomcat-dev] 20190413 svn commit: r1857494 [16/20] - in /tomcat/site/trunk: ./ docs/ xdocs/

Source: CCN
Type: Apache Web site
CVE-2017-12615 Apache Tomcat Remote Code Execution via JSP upload

Source: MLIST
Type: Issue Tracking, Mailing List, Vendor Advisory
[announce] 20170919 [SECURITY] CVE-2017-12615 Apache Tomcat Remote Code Execution via JSP upload

Source: MLIST
Type: UNKNOWN
[announce] 20200131 Apache Software Foundation Security Report: 2019

Source: MLIST
Type: UNKNOWN
[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/

Source: CCN
Type: Packet Storm Security [10-04-2017]
Apache Tomcat JSP Upload Bypass / Remote Code Execution

Source: CONFIRM
Type: UNKNOWN
https://security.netapp.com/advisory/ntap-20171018-0001/

Source: EXPLOIT-DB
Type: UNKNOWN
42953

Source: CONFIRM
Type: UNKNOWN
https://www.synology.com/support/security/Synology_SA_17_54_Tomcat

Vulnerable Configuration:Configuration 1:
  • cpe:/a:apache:tomcat:7.0:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.0:beta:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.2:beta:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.4:beta:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.5:beta:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.9:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.10:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.11:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.12:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.13:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.14:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.15:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.16:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.17:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.18:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.19:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.20:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.21:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.22:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.23:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.24:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.25:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.26:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.27:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.28:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.29:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.30:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.31:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.32:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.33:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.34:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.35:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.36:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.37:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.38:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.39:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.40:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.41:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.42:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.43:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.44:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.45:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.46:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.47:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.48:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.49:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.50:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.51:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.54:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.55:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.56:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.57:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.58:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.59:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.60:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.61:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.62:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.63:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.64:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.65:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.66:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.67:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.68:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.69:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.70:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.71:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.72:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.73:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.74:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.75:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.76:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.77:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.79:*:*:*:*:*:*:*
  • AND
  • cpe:/o:microsoft:windows:-:*:*:*:*:*:*:*

  • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:6:*:*:*:*:*:*:*

  • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:6::client:*:*:*:*:*

  • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:6::computenode:*:*:*:*:*

  • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:6::server:*:*:*:*:*

  • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:6::workstation:*:*:*:*:*

  • Configuration RedHat 6:
  • cpe:/o:redhat:enterprise_linux:7:*:*:*:*:*:*:*

  • Configuration RedHat 7:
  • cpe:/o:redhat:enterprise_linux:7::client:*:*:*:*:*

  • Configuration RedHat 8:
  • cpe:/o:redhat:enterprise_linux:7::computenode:*:*:*:*:*

  • Configuration RedHat 9:
  • cpe:/o:redhat:enterprise_linux:7::server:*:*:*:*:*

  • Configuration RedHat 10:
  • cpe:/o:redhat:enterprise_linux:7::workstation:*:*:*:*:*

  • Configuration CCN 1:
  • cpe:/a:apache:tomcat:7.0.5:beta:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.41:*:*:*:*:*:*:*
  • OR cpe:/a:apache:tomcat:7.0.78:*:*:*:*:*:*:*
  • AND
  • cpe:/a:ibm:integration_bus:9.0:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:tivoli_application_dependency_discovery_manager:7.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_license_key_server:8.1.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_license_key_server:8.1.4.2:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_license_key_server:8.1.4.3:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_license_key_server:8.1.4.4:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_license_key_server:8.1.4.5:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_license_key_server:8.1.4.6:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_license_key_server:8.1.4.7:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_license_key_server:8.1.4.8:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:openpages_grc_platform:7.1:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:rational_license_key_server:8.1.4.9:*:*:*:*:*:*:*
  • OR cpe:/a:ibm:integration_bus:10.0:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:201712615
    V
    CVE-2017-12615
    2022-09-02
    oval:org.opensuse.security:def:41191
    P
    Security update for arpwatch (Important)
    2021-06-28
    oval:org.opensuse.security:def:42006
    P
    libpython2_6-1_0-2.6.0-8.9.20 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:42051
    P
    tar-1.20-23.23.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:19092
    P
    Security update for java-1_8_0-ibm (Important)
    2020-12-01
    oval:org.opensuse.security:def:40671
    P
    Security update for the Linux Kernel (Live Patch 19 for SLE 12 SP2) (Important)
    2020-12-01
    oval:org.opensuse.security:def:40415
    P
    Security update for openssl (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:19857
    P
    Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:41243
    P
    Security update for bzip2 (Important)
    2020-12-01
    oval:org.opensuse.security:def:40849
    P
    Security update for systemd (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:18764
    P
    Security update for wireshark (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:41317
    P
    Security update for the Linux Kernel (Live Patch 25 for SLE 12 SP3) (Important)
    2020-12-01
    oval:org.opensuse.security:def:41127
    P
    Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:18908
    P
    Security update for webkit2gtk3 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:40416
    P
    Security update for krb5 (Important)
    2020-12-01
    oval:org.opensuse.security:def:19183
    P
    Security update for libexif (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:18980
    P
    Security update for bzip2 (Important)
    2020-12-01
    oval:org.opensuse.security:def:40519
    P
    Security update for java-1_7_0-openjdk (Important)
    2020-12-01
    oval:org.opensuse.security:def:19219
    P
    Security update for java-1_8_0-ibm (Important)
    2020-12-01
    oval:org.opensuse.security:def:19125
    P
    Security update for openldap2 (Important)
    2020-12-01
    oval:org.opensuse.security:def:40780
    P
    Security update for ghostscript (Important)
    2020-12-01
    oval:org.opensuse.security:def:18729
    P
    Security update for PackageKit (Important)
    2020-12-01
    oval:org.opensuse.security:def:19883
    P
    Security update for tomcat (Important)
    2020-12-01
    oval:org.opensuse.security:def:41288
    P
    Security update for the Linux Kernel (Live Patch 22 for SLE 12 SP3) (Important)
    2020-12-01
    oval:org.opensuse.security:def:40951
    P
    Security update for samba (Important)
    2020-12-01
    oval:org.opensuse.security:def:18850
    P
    Security update for ghostscript (Important)
    2020-12-01
    oval:org.opensuse.security:def:18721
    P
    Security update for openssl (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:41368
    P
    Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:18942
    P
    Security update for python (Important)
    2020-12-01
    oval:org.opensuse.security:def:40427
    P
    Security update for openssl (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:19195
    P
    Security update for gimp (Moderate)
    2020-12-01
    oval:com.redhat.rhsa:def:20173080
    P
    RHSA-2017:3080: tomcat6 security update (Important)
    2017-10-30
    oval:com.redhat.rhsa:def:20173081
    P
    RHSA-2017:3081: tomcat security update (Important)
    2017-10-30
    oval:com.ubuntu.xenial:def:2017126150000000
    V
    CVE-2017-12615 on Ubuntu 16.04 LTS (xenial) - medium.
    2017-09-19
    oval:com.ubuntu.trusty:def:201712615000
    V
    CVE-2017-12615 on Ubuntu 14.04 LTS (trusty) - medium.
    2017-09-19
    oval:com.ubuntu.xenial:def:201712615000
    V
    CVE-2017-12615 on Ubuntu 16.04 LTS (xenial) - medium.
    2017-09-19
    BACK
    apache tomcat 7.0
    apache tomcat 7.0.0
    apache tomcat 7.0.0 beta
    apache tomcat 7.0.1
    apache tomcat 7.0.2
    apache tomcat 7.0.2 beta
    apache tomcat 7.0.3
    apache tomcat 7.0.4
    apache tomcat 7.0.4 beta
    apache tomcat 7.0.5
    apache tomcat 7.0.5 beta
    apache tomcat 7.0.6
    apache tomcat 7.0.7
    apache tomcat 7.0.8
    apache tomcat 7.0.9
    apache tomcat 7.0.10
    apache tomcat 7.0.11
    apache tomcat 7.0.12
    apache tomcat 7.0.13
    apache tomcat 7.0.14
    apache tomcat 7.0.15
    apache tomcat 7.0.16
    apache tomcat 7.0.17
    apache tomcat 7.0.18
    apache tomcat 7.0.19
    apache tomcat 7.0.20
    apache tomcat 7.0.21
    apache tomcat 7.0.22
    apache tomcat 7.0.23
    apache tomcat 7.0.24
    apache tomcat 7.0.25
    apache tomcat 7.0.26
    apache tomcat 7.0.27
    apache tomcat 7.0.28
    apache tomcat 7.0.29
    apache tomcat 7.0.30
    apache tomcat 7.0.31
    apache tomcat 7.0.32
    apache tomcat 7.0.33
    apache tomcat 7.0.34
    apache tomcat 7.0.35
    apache tomcat 7.0.36
    apache tomcat 7.0.37
    apache tomcat 7.0.38
    apache tomcat 7.0.39
    apache tomcat 7.0.40
    apache tomcat 7.0.41
    apache tomcat 7.0.42
    apache tomcat 7.0.43
    apache tomcat 7.0.44
    apache tomcat 7.0.45
    apache tomcat 7.0.46
    apache tomcat 7.0.47
    apache tomcat 7.0.48
    apache tomcat 7.0.49
    apache tomcat 7.0.50
    apache tomcat 7.0.51
    apache tomcat 7.0.54
    apache tomcat 7.0.55
    apache tomcat 7.0.56
    apache tomcat 7.0.57
    apache tomcat 7.0.58
    apache tomcat 7.0.59
    apache tomcat 7.0.60
    apache tomcat 7.0.61
    apache tomcat 7.0.62
    apache tomcat 7.0.63
    apache tomcat 7.0.64
    apache tomcat 7.0.65
    apache tomcat 7.0.66
    apache tomcat 7.0.67
    apache tomcat 7.0.68
    apache tomcat 7.0.69
    apache tomcat 7.0.70
    apache tomcat 7.0.71
    apache tomcat 7.0.72
    apache tomcat 7.0.73
    apache tomcat 7.0.74
    apache tomcat 7.0.75
    apache tomcat 7.0.76
    apache tomcat 7.0.77
    apache tomcat 7.0.79
    microsoft windows -
    apache tomcat 7.0.5 beta
    apache tomcat 7.0.41
    apache tomcat 7.0.78
    ibm integration bus 9.0
    ibm tivoli application dependency discovery manager 7.2.2
    ibm rational license key server 8.1.4
    ibm rational license key server 8.1.4.2
    ibm rational license key server 8.1.4.3
    ibm rational license key server 8.1.4.4
    ibm rational license key server 8.1.4.5
    ibm rational license key server 8.1.4.6
    ibm rational license key server 8.1.4.7
    ibm rational license key server 8.1.4.8
    ibm openpages grc platform 7.1
    ibm rational license key server 8.1.4.9
    ibm integration bus 10.0