CVE-2017-12616

Published: 19 September 2017

When using a VirtualDirContext with Apache Tomcat 7.0.0 to 7.0.80 it was possible to bypass security constraints and/or view the source code of JSPs for resources served by the VirtualDirContext using a specially crafted request.

Notes

Author	Note
mdeslaur	this commit is included in commit list for CVE-2017-12617

Priority

Cvss 3 Severity Score

7.5

Score breakdown

Status

Package	Release	Status
tomcat7 Launchpad, Ubuntu, Debian	artful	Ignored (end of life)
	bionic	Needed
	cosmic	Ignored (end of life)
	disco	Does not exist
	eoan	Does not exist
	focal	Does not exist
	groovy	Does not exist
	hirsute	Does not exist
	impish	Does not exist
	jammy	Does not exist
	kinetic	Does not exist
	lunar	Does not exist
	mantic	Does not exist
	noble	Does not exist
	trusty	Released (7.0.52-1ubuntu0.14)
	upstream	Released (7.0.82)
	xenial	Needed
	zesty	Ignored (end of life)
	Patches: upstream: https://svn.apache.org/r1804729
tomcat8 Launchpad, Ubuntu, Debian	artful	Not vulnerable
	bionic	Not vulnerable (8.5.30-1ubuntu1)
	cosmic	Not vulnerable (8.5.30-1ubuntu2)
	disco	Does not exist
	eoan	Does not exist
	focal	Does not exist
	groovy	Does not exist
	hirsute	Does not exist
	impish	Does not exist
	jammy	Does not exist
	kinetic	Does not exist
	lunar	Does not exist
	mantic	Does not exist
	noble	Does not exist
	precise	Does not exist
	trusty	Does not exist
	upstream	Released (8.0.47,8.5.23)
	xenial	Not vulnerable
	zesty	Ignored (end of life)

Severity score breakdown

Parameter	Value
Base score	7.5
Attack vector	Network
Attack complexity	Low
Privileges required	None
User interaction	None
Scope	Unchanged
Confidentiality	High
Integrity impact	None
Availability impact	None
Vector	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

References

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›