CN

CyberNewsUz

Threat Intelligence Portal

LOADING0%

Yangiliklar CVE Tracker Exploitlar Hujumlar Xarita

CN

CyberNewsUz

Threat Intelligence Portal

LOADING0%

O'zbek tilidagi kiberxavfsizlik portali. Yangiliklar, CVE tracker, hujumlar bazasi.

Yangiliklar

Barcha yangiliklar
Hujumlar
Zayifliklar
O'zbekiston
Jahon

Asboblar

CVE Tracker
Exploit DB
Hujumlar bazasi
Threat xarita

Loyiha

Biz haqimizda

© 2026 CyberNewsUz. Barcha huquqlar himoyalangan.

CVE Tracker ga qaytish

CVE-2017-12615

Yuqori(8.1)

Apache Tomcat 7.0.0 dan 7.0.79 gacha HTTP PUT-lar yoqilgan Windows operatsion tizimida ishga tushirilganda (masalan, Standartning faqat o'qishni boshlash parametrini noto'g'ri qilib belgilash orqali) maxsus tayyorlangan so'rov orqali JSP faylini serverga yuklash mumkin edi. Keyinchalik bu JSP so'ralishi mumkin va undagi har qanday kod server tomonidan bajariladi.

Vendor

Apache

Product

Tomcat

CVSS Score

8.1

Nashr sanasi

19-sen, 2017

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Manbalar

http://breaktoprotect.blogspot.com/2017/09/the-case-of-cve-2017-12615-tomcat-7-put.html
http://www.securityfocus.com/bid/100901
http://www.securitytracker.com/id/1039392
https://access.redhat.com/errata/RHSA-2017:3080
https://access.redhat.com/errata/RHSA-2017:3081

Yangi kritik zaifliklar

CyberNewsUz — CVE-2017-12615