| Summary | When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server. |
|---|---|
| Summary | Al ejecutar Apache Tomcat desde la versión 9.0.0.M1 hasta la 9.0.0, desde la 8.5.0 hasta la 8.5.22, desde la 8.0.0.RC1 hasta la 8.0.46 y desde la 7.0.0 hasta la 7.0.81 con los HTTP PUT habilitados (por ejemplo, configurando el parámetro de inicialización de solo lectura del servlet Default a "false"), es posible subir un archivo JSP al servidor mediante una petición especialmente manipulada. Este JSP se puede después solicitar y cualquier código que contenga se ejecutaría por el servidor. |
| Publication Date | Oct. 4, 2017, 10:29 a.m. |
| Registration Date | Jan. 26, 2021, 1:14 p.m. |
| Last Update | April 22, 2026, 2:03 a.m. |
| CVSS3.1 : HIGH | |
| スコア | 8.1 |
|---|---|
| Vector | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
| 攻撃元区分(AV) | ネットワーク |
| 攻撃条件の複雑さ(AC) | 高 |
| 攻撃に必要な特権レベル(PR) | 不要 |
| 利用者の関与(UI) | 不要 |
| 影響の想定範囲(S) | 変更なし |
| 機密性への影響(C) | 高 |
| 完全性への影響(I) | 高 |
| 可用性への影響(A) | 高 |
| CVSS2.0 : MEDIUM | |
| Score | 6.8 |
|---|---|
| Vector | AV:N/AC:M/Au:N/C:P/I:P/A:P |
| 攻撃元区分(AV) | ネットワーク |
| 攻撃条件の複雑さ(AC) | 中 |
| 攻撃前の認証要否(Au) | 不要 |
| 機密性への影響(C) | 低 |
| 完全性への影響(I) | 低 |
| 可用性への影響(A) | 低 |
| Get all privileges. | いいえ |
| Get user privileges | いいえ |
| Get other privileges | いいえ |
| User operation required | いいえ |
| Configuration1 | or higher | or less | more than | less than | |
| cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:* | 7.0.0 | 7.0.82 | |||
| cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:* | 8.0 | 8.0.47 | |||
| cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:* | 8.5.0 | 8.5.23 | |||
| cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:* | 9.0.0 | 9.0.1 | |||
| cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:* | |||||
| cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:* | |||||
| cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:esm:*:*:* | |||||
| cpe:2.3:a:oracle:agile_plm:9.3.3:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:agile_plm:9.3.4:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:agile_plm:9.3.5:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:agile_plm:9.3.6:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:endeca_information_discovery_integrator:3.1.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:endeca_information_discovery_integrator:3.2.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:enterprise_manager_for_mysql_database:12.1.0.4.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:* | 7.3.3.0.0 | 7.3.5.3.0 | |||
| cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:* | 8.0.0.0.0 | 8.0.9.0.0 | |||
| cpe:2.3:a:oracle:fmw_platform:12.2.1.2.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:fmw_platform:12.2.1.3.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:health_sciences_empirica_inspections:1.0.1.1:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:hospitality_guest_access:4.2.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:hospitality_guest_access:4.2.1:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:management_pack:11.2.1.0.13:*:*:*:*:goldengate:*:* | |||||
| cpe:2.3:a:oracle:micros_lucas:2.9.5:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:micros_retail_xbri_loss_prevention:10.0.1:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:micros_retail_xbri_loss_prevention:10.5.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:micros_retail_xbri_loss_prevention:10.6.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:micros_retail_xbri_loss_prevention:10.7.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:micros_retail_xbri_loss_prevention:10.8.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:micros_retail_xbri_loss_prevention:10.8.1:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:* | 3.3.6.3293 | ||||
| cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:* | 3.4.0 | 3.4.4.4226 | |||
| cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:* | 4.0.0 | 4.0.0.5135 | |||
| cpe:2.3:a:oracle:retail_advanced_inventory_planning:13.2:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:retail_advanced_inventory_planning:13.4:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:retail_advanced_inventory_planning:14.1:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:retail_advanced_inventory_planning:15.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:retail_back_office:14.0.4:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:retail_back_office:14.1.3:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:retail_central_office:14.0.4:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:retail_central_office:14.1.3:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:retail_convenience_and_fuel_pos_software:2.1.132:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:retail_eftlink:1.1.124:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:retail_eftlink:15.0.1:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:retail_eftlink:16.0.2:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:retail_insights:14.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:retail_insights:14.1:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:retail_insights:15.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:retail_insights:16.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:retail_invoice_matching:12.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:retail_invoice_matching:13.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:retail_invoice_matching:13.1:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:retail_invoice_matching:13.2:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:retail_invoice_matching:14.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:retail_invoice_matching:14.1:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:retail_invoice_matching:15.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:retail_invoice_matching:16.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:retail_order_broker:5.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:retail_order_broker:5.1:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:retail_order_broker:5.2:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:retail_order_broker:15.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:retail_order_broker:16.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:retail_order_management_system:4.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:retail_order_management_system:4.5:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:retail_order_management_system:4.7:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:retail_order_management_system:5.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:retail_point-of-service:14.0.4:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:retail_point-of-service:14.1.3:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:retail_price_management:12.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:retail_price_management:13.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:retail_price_management:13.1:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:retail_price_management:13.2:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:retail_price_management:14.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:retail_price_management:14.1:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:retail_price_management:15.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:retail_price_management:16.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:retail_returns_management:2.3.8:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:retail_returns_management:2.4.9:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:retail_returns_management:14.0.4:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:retail_returns_management:14.1.3:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:retail_store_inventory_management:12.0.12:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:retail_store_inventory_management:13.0.7:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:retail_store_inventory_management:13.1.9:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:retail_store_inventory_management:13.2.9:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:retail_store_inventory_management:14.0.4:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:retail_store_inventory_management:14.1.3:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:retail_store_inventory_management:15.0.2:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:retail_store_inventory_management:16.0.1:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:retail_xstore_point_of_service:6.0.11:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:retail_xstore_point_of_service:7.0.6:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1.6:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:retail_xstore_point_of_service:15.0.1:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:transportation_management:6.3.1:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:transportation_management:6.3.2:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:transportation_management:6.3.3:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:transportation_management:6.3.4:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:transportation_management:6.3.5:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:transportation_management:6.3.6:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:transportation_management:6.3.7:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:tuxedo_system_and_applications_monitor:12.1.3.0.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:webcenter_sites:11.1.1.8.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:oracle:workload_manager:12.2.0.1:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:* | 7.3 | ||||
| cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:* | 9.5 | ||||
| cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:netapp:oncommand_shift:-:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:netapp:element:-:*:*:*:*:vcenter_server:*:* | |||||
| cpe:2.3:a:redhat:fuse:1.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:redhat:jboss_enterprise_web_server:2.0.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:redhat:jboss_enterprise_web_server:3.0.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:a:redhat:jboss_enterprise_web_server_text-only_advisories:-:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_eus_compute_node:7.4:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_eus_compute_node:7.5:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_eus_compute_node:7.6:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_eus_compute_node:7.7:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.0_s390x:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0_s390x:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.4_s390x:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.5_s390x:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.6_s390x:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.7_s390x:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.0_ppc64:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0_ppc64:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.4_ppc64:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.5_ppc64:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.6_ppc64:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.7_ppc64:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.4_ppc64le:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.5_ppc64le:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.6_ppc64le:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.7_ppc64le:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:* | |||||
| cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:* | |||||
| Title | Apache Tomcat における危険なタイプのファイルの無制限アップロードに関する脆弱性 |
|---|---|
| Summary | Apache Tomcat には、危険なタイプのファイルの無制限アップロードに関する脆弱性が存在します。 |
| Possible impacts | 情報を取得される、情報を改ざんされる、およびサービス運用妨害 (DoS) 状態にされる可能性があります。 |
| Solution | ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。 |
| Publication Date | Oct. 3, 2017, midnight |
| Registration Date | Oct. 31, 2017, 5:15 p.m. |
| Last Update | Dec. 11, 2017, 5:15 p.m. |
| Apache Software Foundation |
| Apache Tomcat 7.0.0 から 7.0.81 |
| Apache Tomcat 8.0.0.RC1 から 8.0.46 |
| Apache Tomcat 8.5.0 から 8.5.22 |
| Apache Tomcat 9.0.0.M1 から 9.0.0 |
| 日本電気 |
| MailShooter |
| SimpWright |
| SpoolServer/Winspoolシリーズ |
| WebOTX |
| No | Changed Details | Date of change |
|---|---|---|
| 0 | [2017年10月31日] 掲載 [2017年11月09日] 影響を受けるシステム:ベンダ情報の追加に伴い内容を更新 ベンダ情報:日本電気 (NV17-023) を追加 [2017年12月11日] 影響を受けるシステム:ベンダ情報 (NV17-023) の更新に伴い内容を更新 |
Feb. 17, 2018, 10:37 a.m. |