CVE-2017-12617

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2017-12617
When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false) it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.

8.1 /10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 2.2 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

6.8 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 8.6 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html Patch Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html Patch Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html Patch Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html Patch Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html Patch Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html Patch Third Party Advisory
http://www.securityfocus.com/bid/100954 Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/100954 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1039552 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1039552 Third Party Advisory VDB Entry
https://access.redhat.com/errata/RHSA-2017:3080 Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:3080 Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:3081 Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:3081 Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:3113 Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:3113 Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:3114 Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:3114 Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:0268 Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:0268 Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:0269 Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:0269 Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:0270 Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:0270 Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:0271 Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:0271 Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:0275 Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:0275 Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:0465 Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:0465 Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:0466 Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:0466 Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2939 Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:2939 Third Party Advisory
https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba%40%3Cdev.tomcat.apache.org%3E Mailing List Patch
https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba%40%3Cdev.tomcat.apache.org%3E Mailing List Patch
https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E Mailing List Patch
https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E Mailing List Patch
https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E Mailing List Patch
https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E Mailing List Patch
https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E Mailing List Patch
https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E Mailing List Patch
https://lists.apache.org/thread.html/3fd341a604c4e9eab39e7eaabbbac39c30101a022acc11dd09d7ebcb%40%3Cannounce.tomcat.apache.org%3E Issue Tracking Mailing List
https://lists.apache.org/thread.html/3fd341a604c4e9eab39e7eaabbbac39c30101a022acc11dd09d7ebcb%40%3Cannounce.tomcat.apache.org%3E Issue Tracking Mailing List
https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb%40%3Cdev.tomcat.apache.org%3E Mailing List Patch
https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb%40%3Cdev.tomcat.apache.org%3E Mailing List Patch
https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E Mailing List Patch
https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E Mailing List Patch
https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E Mailing List Patch
https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E Mailing List Patch
https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E Mailing List Patch
https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E Mailing List Patch
https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E Mailing List Patch
https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E Mailing List Patch
https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661%40%3Cdev.tomcat.apache.org%3E Mailing List Patch
https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661%40%3Cdev.tomcat.apache.org%3E Mailing List Patch
https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04%40%3Cdev.tomcat.apache.org%3E Mailing List Patch
https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04%40%3Cdev.tomcat.apache.org%3E Mailing List Patch
https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d%40%3Cdev.tomcat.apache.org%3E Mailing List Patch
https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d%40%3Cdev.tomcat.apache.org%3E Mailing List Patch
https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0%40%3Cdev.tomcat.apache.org%3E Mailing List Patch
https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0%40%3Cdev.tomcat.apache.org%3E Mailing List Patch
https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9%40%3Cdev.tomcat.apache.org%3E Mailing List Patch
https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9%40%3Cdev.tomcat.apache.org%3E Mailing List Patch
https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E Mailing List Patch
https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E Mailing List Patch
https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a%40%3Cdev.tomcat.apache.org%3E Mailing List Patch
https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a%40%3Cdev.tomcat.apache.org%3E Mailing List Patch
https://lists.debian.org/debian-lts-announce/2017/11/msg00009.html Mailing List Third Party Advisory
https://lists.debian.org/debian-lts-announce/2017/11/msg00009.html Mailing List Third Party Advisory
https://security.netapp.com/advisory/ntap-20171018-0002/ Third Party Advisory
https://security.netapp.com/advisory/ntap-20171018-0002/ Third Party Advisory
https://security.netapp.com/advisory/ntap-20180117-0002/ Third Party Advisory
https://security.netapp.com/advisory/ntap-20180117-0002/ Third Party Advisory
https://support.f5.com/csp/article/K53173544 Third Party Advisory
https://support.f5.com/csp/article/K53173544 Third Party Advisory
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03812en_us Third Party Advisory
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03812en_us Third Party Advisory
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03828en_us Third Party Advisory
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03828en_us Third Party Advisory
https://usn.ubuntu.com/3665-1/ Third Party Advisory
https://usn.ubuntu.com/3665-1/ Third Party Advisory
https://www.exploit-db.com/exploits/42966/ Exploit Third Party Advisory VDB Entry
https://www.exploit-db.com/exploits/42966/ Exploit Third Party Advisory VDB Entry
https://www.exploit-db.com/exploits/43008/ Exploit Third Party Advisory VDB Entry
https://www.exploit-db.com/exploits/43008/ Exploit Third Party Advisory VDB Entry
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html Patch Third Party Advisory
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html Patch Third Party Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:esm:*:*:*

Configuration 3 (hide)

OR cpe:2.3:a:oracle:transportation_management:6.3.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:transportation_management:6.3.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1.6:*:*:*:*:*:*:*
cpe:2.3:a:oracle:transportation_management:6.3.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_xstore_point_of_service:7.0.6:*:*:*:*:*:*:*
cpe:2.3:a:oracle:webcenter_sites:11.1.1.8.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_invoice_matching:13.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:transportation_management:6.3.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_invoice_matching:12.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:transportation_management:6.3.6:*:*:*:*:*:*:*
cpe:2.3:a:oracle:transportation_management:6.3.5:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_xstore_point_of_service:6.0.11:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_xstore_point_of_service:15.0.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:transportation_management:6.3.7:*:*:*:*:*:*:*
cpe:2.3:a:oracle:hospitality_guest_access:4.2.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:hospitality_guest_access:4.2.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_central_office:14.0.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_central_office:14.1.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_returns_management:2.3.8:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_returns_management:2.4.9:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_returns_management:14.0.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_returns_management:14.1.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_point-of-service:14.0.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_point-of-service:14.1.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_back_office:14.0.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_back_office:14.1.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:endeca_information_discovery_integrator:3.2.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:endeca_information_discovery_integrator:3.1.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_order_broker:5.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_order_broker:5.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_order_broker:15.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_order_broker:16.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_invoice_matching:15.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:agile_plm:9.3.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:agile_plm:9.3.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:agile_plm:9.3.5:*:*:*:*:*:*:*
cpe:2.3:a:oracle:agile_plm:9.3.6:*:*:*:*:*:*:*
cpe:2.3:a:oracle:micros_lucas:2.9.5:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_invoice_matching:13.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_invoice_matching:13.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_invoice_matching:14.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_invoice_matching:14.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:workload_manager:12.2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_advanced_inventory_planning:14.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_price_management:15.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_price_management:16.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_price_management:14.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_store_inventory_management:14.0.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_store_inventory_management:14.1.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_advanced_inventory_planning:15.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:fmw_platform:12.2.1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_price_management:13.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_price_management:14.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_invoice_matching:16.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_convenience_and_fuel_pos_software:2.1.132:*:*:*:*:*:*:*
cpe:2.3:a:oracle:micros_retail_xbri_loss_prevention:10.5.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:micros_retail_xbri_loss_prevention:10.6.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:micros_retail_xbri_loss_prevention:10.8.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:micros_retail_xbri_loss_prevention:10.8.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:micros_retail_xbri_loss_prevention:10.0.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:micros_retail_xbri_loss_prevention:10.7.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:health_sciences_empirica_inspections:1.0.1.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:tuxedo_system_and_applications_monitor:12.1.3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_store_inventory_management:12.0.12:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_store_inventory_management:13.0.7:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_store_inventory_management:13.1.9:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_store_inventory_management:13.2.9:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_store_inventory_management:15.0.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_store_inventory_management:16.0.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_price_management:12.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_price_management:13.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_price_management:13.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_order_management_system:4.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_order_management_system:4.5:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_order_management_system:4.7:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_order_management_system:5.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_order_broker:5.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_insights:14.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_insights:15.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_insights:16.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_insights:14.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_eftlink:1.1.124:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_eftlink:15.0.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_eftlink:16.0.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_advanced_inventory_planning:13.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_advanced_inventory_planning:13.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:management_pack:11.2.1.0.13:*:*:*:*:goldengate:*:*
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:enterprise_manager_for_mysql_database:12.1.0.4.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:fmw_platform:12.2.1.2.0:*:*:*:*:*:*:*

Configuration 4 (hide)

cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*

Configuration 5 (hide)

OR cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*
cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:a:netapp:oncommand_shift:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:element:-:*:*:*:*:vcenter_server:*:*

Configuration 6 (hide)

OR cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_enterprise_web_server:2.0.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_enterprise_web_server:3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.4_ppc64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.5_ppc64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.6_ppc64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.7_ppc64:*:*:*:*:*:*:*
cpe:2.3:a:redhat:fuse:1.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0_ppc64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus_compute_node:7.7:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus_compute_node:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus_compute_node:7.5:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus_compute_node:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.7_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.6_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.5_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.4_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.7_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.6_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.5_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.4_s390x:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_enterprise_web_server_text-only_advisories:-:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.0_ppc64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.0_s390x:*:*:*:*:*:*:*
History

23 Jan 2025, 15:34

Type Values Removed Values Added
References (REDHAT) https://access.redhat.com/errata/RHSA-2018:0268 - Third Party Advisory () https://access.redhat.com/errata/RHSA-2018:0268 - Third Party Advisory
References (EXPLOIT-DB) https://www.exploit-db.com/exploits/42966/ - Exploit, Third Party Advisory, VDB Entry () https://www.exploit-db.com/exploits/42966/ - Exploit, Third Party Advisory, VDB Entry
References (CONFIRM) https://support.f5.com/csp/article/K53173544 - Third Party Advisory () https://support.f5.com/csp/article/K53173544 - Third Party Advisory
References (MLIST) https://lists.debian.org/debian-lts-announce/2017/11/msg00009.html - Mailing List, Third Party Advisory () https://lists.debian.org/debian-lts-announce/2017/11/msg00009.html - Mailing List, Third Party Advisory
References (REDHAT) https://access.redhat.com/errata/RHSA-2018:0465 - Third Party Advisory () https://access.redhat.com/errata/RHSA-2018:0465 - Third Party Advisory
References (REDHAT) https://access.redhat.com/errata/RHSA-2017:3114 - Third Party Advisory () https://access.redhat.com/errata/RHSA-2017:3114 - Third Party Advisory
References (REDHAT) https://access.redhat.com/errata/RHSA-2018:0270 - Third Party Advisory () https://access.redhat.com/errata/RHSA-2018:0270 - Third Party Advisory
References (MISC) https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html - Patch, Third Party Advisory () https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html - Patch, Third Party Advisory
References (CONFIRM) https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03828en_us - Third Party Advisory () https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03828en_us - Third Party Advisory
References (SECTRACK) http://www.securitytracker.com/id/1039552 - Third Party Advisory, VDB Entry () http://www.securitytracker.com/id/1039552 - Third Party Advisory, VDB Entry
References (REDHAT) https://access.redhat.com/errata/RHSA-2017:3113 - Third Party Advisory () https://access.redhat.com/errata/RHSA-2017:3113 - Third Party Advisory
References (BID) http://www.securityfocus.com/bid/100954 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/100954 - Third Party Advisory, VDB Entry
References (REDHAT) https://access.redhat.com/errata/RHSA-2017:3081 - Third Party Advisory () https://access.redhat.com/errata/RHSA-2017:3081 - Third Party Advisory
References (CONFIRM) https://security.netapp.com/advisory/ntap-20171018-0002/ - Third Party Advisory () https://security.netapp.com/advisory/ntap-20171018-0002/ - Third Party Advisory
References (EXPLOIT-DB) https://www.exploit-db.com/exploits/43008/ - Exploit, Third Party Advisory, VDB Entry () https://www.exploit-db.com/exploits/43008/ - Exploit, Third Party Advisory, VDB Entry
References (UBUNTU) https://usn.ubuntu.com/3665-1/ - Third Party Advisory () https://usn.ubuntu.com/3665-1/ - Third Party Advisory
References (CONFIRM) http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html - Patch, Third Party Advisory () http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html - Patch, Third Party Advisory
References (CONFIRM) http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html - Patch, Third Party Advisory () http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html - Patch, Third Party Advisory
References (CONFIRM) http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html - Patch, Third Party Advisory () http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html - Patch, Third Party Advisory
References (REDHAT) https://access.redhat.com/errata/RHSA-2018:2939 - Third Party Advisory () https://access.redhat.com/errata/RHSA-2018:2939 - Third Party Advisory
References (REDHAT) https://access.redhat.com/errata/RHSA-2018:0269 - Third Party Advisory () https://access.redhat.com/errata/RHSA-2018:0269 - Third Party Advisory
References (CONFIRM) https://security.netapp.com/advisory/ntap-20180117-0002/ - Third Party Advisory () https://security.netapp.com/advisory/ntap-20180117-0002/ - Third Party Advisory
References (REDHAT) https://access.redhat.com/errata/RHSA-2018:0275 - Third Party Advisory () https://access.redhat.com/errata/RHSA-2018:0275 - Third Party Advisory
References (REDHAT) https://access.redhat.com/errata/RHSA-2018:0271 - Third Party Advisory () https://access.redhat.com/errata/RHSA-2018:0271 - Third Party Advisory
References (CONFIRM) https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03812en_us - Third Party Advisory () https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03812en_us - Third Party Advisory
References (REDHAT) https://access.redhat.com/errata/RHSA-2018:0466 - Third Party Advisory () https://access.redhat.com/errata/RHSA-2018:0466 - Third Party Advisory
References (REDHAT) https://access.redhat.com/errata/RHSA-2017:3080 - Third Party Advisory () https://access.redhat.com/errata/RHSA-2017:3080 - Third Party Advisory

16 Jul 2024, 17:58

Type Values Removed Values Added
CPE cpe:2.3:a:apache:tomcat:7.0.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.73:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.29:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.16:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.39:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.13:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.13:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:milestone5:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.26:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.47:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.76:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.21:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.44:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.69:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.38:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.15:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.48:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.46:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.25:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.49:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.72:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.70:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.33:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.39:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.31:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.74:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:milestone2:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.23:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.6:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.36:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.46:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.56:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.18:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:milestone22:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.9:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:milestone6:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.67:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.57:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.12:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.51:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.0:rc2:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.15:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:milestone17:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.40:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.12:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.61:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.25:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.12:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.11:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.24:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.27:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.22:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.19:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.4:beta:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.32:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.19:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:milestone9:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:milestone15:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.33:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.28:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.37:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.7:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.0:rc5:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:milestone19:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.42:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.16:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:milestone21:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.64:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.62:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.24:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.20:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.5:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.17:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.13:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.18:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.14:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.5:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.11:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.9:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.34:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.28:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.22:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.42:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.36:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.37:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.2:beta:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.35:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.10:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.9:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.41:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.22:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.45:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.63:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.38:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.16:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.60:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.7:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.65:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.31:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.80:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.20:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.32:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:milestone10:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:milestone4:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.44:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.6:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.79:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.54:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.6:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.30:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:milestone8:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.71:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.14:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.17:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:milestone1:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.23:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.50:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:milestone18:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.19:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.77:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.0:rc1:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:milestone20:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.26:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.3:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.4:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.27:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.81:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.8:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.14:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.7:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.10:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.20:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:milestone3:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.45:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.17:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.41:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.0:rc10:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.30:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.34:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:milestone16:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.15:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.55:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.2:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.40:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.10:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:milestone12:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.75:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:milestone7:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.0:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.43:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:milestone11:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:milestone13:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.66:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.5.21:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.11:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.58:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.35:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.21:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.5:beta:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.43:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.8:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:8.0.1:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.18:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.59:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.68:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:7.0.29:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:milestone14:*:*:*:*:*:*		 cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.0_s390x:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_store_inventory_management:14.0.4:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:esm:*:*:*
cpe:2.3:a:oracle:micros_retail_xbri_loss_prevention:10.8.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:micros_lucas:2.9.5:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_store_inventory_management:13.1.9:*:*:*:*:*:*:*
cpe:2.3:a:oracle:workload_manager:12.2.0.1:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.5_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.4_ppc64:*:*:*:*:*:*:*
cpe:2.3:a:oracle:agile_plm:9.3.5:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_advanced_inventory_planning:13.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_xstore_point_of_service:7.0.6:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_advanced_inventory_planning:13.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_point-of-service:14.1.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:micros_retail_xbri_loss_prevention:10.0.1:*:*:*:*:*:*:*
cpe:2.3:o:netapp:element:-:*:*:*:*:vcenter_server:*:*
cpe:2.3:a:oracle:retail_returns_management:14.1.3:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:transportation_management:6.3.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:agile_plm:9.3.6:*:*:*:*:*:*:*
cpe:2.3:a:oracle:hospitality_guest_access:4.2.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_price_management:15.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_convenience_and_fuel_pos_software:2.1.132:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_order_broker:5.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_insights:16.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_enterprise_web_server:2.0.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_back_office:14.0.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_order_management_system:4.7:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.7_ppc64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
cpe:2.3:a:oracle:micros_retail_xbri_loss_prevention:10.8.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_eftlink:1.1.124:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
cpe:2.3:a:oracle:retail_invoice_matching:12.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus_compute_node:7.5:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.0_ppc64:*:*:*:*:*:*:*
cpe:2.3:a:oracle:endeca_information_discovery_integrator:3.2.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_price_management:13.1:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_store_inventory_management:16.0.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_enterprise_web_server_text-only_advisories:-:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_xstore_point_of_service:7.1.6:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_order_broker:15.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_order_broker:16.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_invoice_matching:16.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:instantis_enterprisetrack:17.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_eftlink:15.0.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:transportation_management:6.3.5:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_invoice_matching:13.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_store_inventory_management:13.0.7:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_central_office:14.1.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_point-of-service:14.0.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_eftlink:16.0.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.7_ppc64le:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_price_management:14.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:micros_retail_xbri_loss_prevention:10.5.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_order_management_system:5.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:hospitality_guest_access:4.2.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_store_inventory_management:12.0.12:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:enterprise_manager_for_mysql_database:12.1.0.4.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_invoice_matching:14.1:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.4_s390x:*:*:*:*:*:*:*
cpe:2.3:a:oracle:transportation_management:6.3.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:management_pack:11.2.1.0.13:*:*:*:*:goldengate:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.4_ppc64le:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_enterprise_web_server:3.0.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_central_office:14.0.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_insights:14.1:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.6_ppc64:*:*:*:*:*:*:*
cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:micros_retail_xbri_loss_prevention:10.6.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_price_management:12.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_insights:14.0:*:*:*:*:*:*:*
cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.5_ppc64:*:*:*:*:*:*:*
cpe:2.3:a:oracle:agile_plm:9.3.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_invoice_matching:13.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:transportation_management:6.3.1:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.5_s390x:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_invoice_matching:14.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:transportation_management:6.3.6:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
cpe:2.3:a:oracle:fmw_platform:12.2.1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:transportation_management:6.3.7:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_store_inventory_management:13.2.9:*:*:*:*:*:*:*
cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:oncommand_shift:-:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_invoice_matching:15.0:*:*:*:*:*:*:*
cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_price_management:16.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_returns_management:2.3.8:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_returns_management:2.4.9:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_returns_management:14.0.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_order_broker:5.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_price_management:14.1:*:*:*:*:*:*:*
cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*
cpe:2.3:a:oracle:retail_store_inventory_management:14.1.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_price_management:13.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_insights:15.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:transportation_management:6.3.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_order_broker:5.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_xstore_point_of_service:15.0.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:fuse:1.0:*:*:*:*:*:*:*
cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_back_office:14.1.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus_compute_node:7.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:webcenter_sites:11.1.1.8.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_store_inventory_management:15.0.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.7_s390x:*:*:*:*:*:*:*
cpe:2.3:a:oracle:agile_plm:9.3.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:fmw_platform:12.2.1.2.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_order_management_system:4.5:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_invoice_matching:13.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:micros_retail_xbri_loss_prevention:10.7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_price_management:13.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_advanced_inventory_planning:14.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:health_sciences_empirica_inspections:1.0.1.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_advanced_inventory_planning:15.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_xstore_point_of_service:6.0.11:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0_ppc64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus_compute_node:7.6:*:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:instantis_enterprisetrack:17.1:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.6_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus_compute_node:7.7:*:*:*:*:*:*:*
cpe:2.3:a:oracle:tuxedo_system_and_applications_monitor:12.1.3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:retail_order_management_system:4.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:endeca_information_discovery_integrator:3.1.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.6_ppc64le:*:*:*:*:*:*:*
References (CONFIRM) https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03828en_us - (CONFIRM) https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03828en_us - Third Party Advisory
References () https://lists.apache.org/thread.html/3fd341a604c4e9eab39e7eaabbbac39c30101a022acc11dd09d7ebcb%40%3Cannounce.tomcat.apache.org%3E - () https://lists.apache.org/thread.html/3fd341a604c4e9eab39e7eaabbbac39c30101a022acc11dd09d7ebcb%40%3Cannounce.tomcat.apache.org%3E - Issue Tracking, Mailing List
References () https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a%40%3Cdev.tomcat.apache.org%3E - () https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a%40%3Cdev.tomcat.apache.org%3E - Mailing List, Patch
References () https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba%40%3Cdev.tomcat.apache.org%3E - () https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba%40%3Cdev.tomcat.apache.org%3E - Mailing List, Patch
References (CONFIRM) https://support.f5.com/csp/article/K53173544 - (CONFIRM) https://support.f5.com/csp/article/K53173544 - Third Party Advisory
References (CONFIRM) https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03812en_us - (CONFIRM) https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03812en_us - Third Party Advisory
References (REDHAT) https://access.redhat.com/errata/RHSA-2018:0275 - (REDHAT) https://access.redhat.com/errata/RHSA-2018:0275 - Third Party Advisory
References (REDHAT) https://access.redhat.com/errata/RHSA-2018:0268 - (REDHAT) https://access.redhat.com/errata/RHSA-2018:0268 - Third Party Advisory
References () https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9%40%3Cdev.tomcat.apache.org%3E - () https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9%40%3Cdev.tomcat.apache.org%3E - Mailing List, Patch
References (CONFIRM) http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html - (CONFIRM) http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html - Patch, Third Party Advisory
References () https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04%40%3Cdev.tomcat.apache.org%3E - () https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04%40%3Cdev.tomcat.apache.org%3E - Mailing List, Patch
References (REDHAT) https://access.redhat.com/errata/RHSA-2018:0269 - (REDHAT) https://access.redhat.com/errata/RHSA-2018:0269 - Third Party Advisory
References () https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0%40%3Cdev.tomcat.apache.org%3E - () https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0%40%3Cdev.tomcat.apache.org%3E - Mailing List, Patch
References (MISC) https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html - (MISC) https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html - Patch, Third Party Advisory
References () https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E - () https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E - Mailing List, Patch
References (CONFIRM) https://security.netapp.com/advisory/ntap-20180117-0002/ - (CONFIRM) https://security.netapp.com/advisory/ntap-20180117-0002/ - Third Party Advisory
References (REDHAT) https://access.redhat.com/errata/RHSA-2018:0465 - (REDHAT) https://access.redhat.com/errata/RHSA-2018:0465 - Third Party Advisory
References () https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E - () https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E - Mailing List, Patch
References (REDHAT) https://access.redhat.com/errata/RHSA-2017:3080 - (REDHAT) https://access.redhat.com/errata/RHSA-2017:3080 - Third Party Advisory
References (REDHAT) https://access.redhat.com/errata/RHSA-2017:3113 - (REDHAT) https://access.redhat.com/errata/RHSA-2017:3113 - Third Party Advisory
References () https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d%40%3Cdev.tomcat.apache.org%3E - () https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d%40%3Cdev.tomcat.apache.org%3E - Mailing List, Patch
References () https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb%40%3Cdev.tomcat.apache.org%3E - () https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb%40%3Cdev.tomcat.apache.org%3E - Mailing List, Patch
References () https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E - () https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E - Mailing List, Patch
References (REDHAT) https://access.redhat.com/errata/RHSA-2018:0271 - (REDHAT) https://access.redhat.com/errata/RHSA-2018:0271 - Third Party Advisory
References () https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E - () https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E - Mailing List, Patch
References () https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E - () https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E - Mailing List, Patch
References (CONFIRM) http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html - (CONFIRM) http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html - Patch, Third Party Advisory
References (CONFIRM) http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html - (CONFIRM) http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html - Patch, Third Party Advisory
References (REDHAT) https://access.redhat.com/errata/RHSA-2017:3114 - (REDHAT) https://access.redhat.com/errata/RHSA-2017:3114 - Third Party Advisory
References (REDHAT) https://access.redhat.com/errata/RHSA-2018:0270 - (REDHAT) https://access.redhat.com/errata/RHSA-2018:0270 - Third Party Advisory
References () https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E - () https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E - Mailing List, Patch
References (REDHAT) https://access.redhat.com/errata/RHSA-2018:0466 - (REDHAT) https://access.redhat.com/errata/RHSA-2018:0466 - Third Party Advisory
References (REDHAT) https://access.redhat.com/errata/RHSA-2018:2939 - (REDHAT) https://access.redhat.com/errata/RHSA-2018:2939 - Third Party Advisory
References (CONFIRM) https://security.netapp.com/advisory/ntap-20171018-0002/ - (CONFIRM) https://security.netapp.com/advisory/ntap-20171018-0002/ - Third Party Advisory
References (MLIST) https://lists.debian.org/debian-lts-announce/2017/11/msg00009.html - (MLIST) https://lists.debian.org/debian-lts-announce/2017/11/msg00009.html - Mailing List, Third Party Advisory
References (REDHAT) https://access.redhat.com/errata/RHSA-2017:3081 - (REDHAT) https://access.redhat.com/errata/RHSA-2017:3081 - Third Party Advisory
References () https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661%40%3Cdev.tomcat.apache.org%3E - () https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661%40%3Cdev.tomcat.apache.org%3E - Mailing List, Patch
References () https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E - () https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E - Mailing List, Patch
References (UBUNTU) https://usn.ubuntu.com/3665-1/ - (UBUNTU) https://usn.ubuntu.com/3665-1/ - Third Party Advisory
References () https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E - () https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E - Mailing List, Patch
First Time Redhat jboss Enterprise Web Server
Redhat jboss Enterprise Application Platform
Oracle retail Insights
Oracle retail Xstore Point Of Service
Redhat enterprise Linux Desktop
Oracle tuxedo System And Applications Monitor
Oracle workload Manager
Redhat enterprise Linux Workstation
Oracle agile Plm
Oracle retail Store Inventory Management
Oracle retail Price Management
Oracle retail Eftlink
Oracle retail Back Office
Oracle communications Instant Messaging Server
Redhat enterprise Linux For Ibm Z Systems
Debian debian Linux
Canonical
Oracle instantis Enterprisetrack
Netapp
Oracle retail Central Office
Oracle webcenter Sites
Redhat enterprise Linux Eus
Redhat enterprise Linux For Power Little Endian
Oracle
Netapp oncommand Insight
Netapp oncommand Balance
Netapp active Iq Unified Manager
Oracle micros Lucas
Redhat enterprise Linux For Power Big Endian
Netapp oncommand Workflow Automation
Oracle retail Advanced Inventory Planning
Redhat enterprise Linux For Power Big Endian Eus
Netapp snapcenter
Redhat
Redhat enterprise Linux Eus Compute Node
Oracle endeca Information Discovery Integrator
Redhat jboss Enterprise Web Server Text-only Advisories
Oracle retail Point-of-service
Oracle retail Order Management System
Oracle retail Returns Management
Oracle transportation Management
Oracle retail Convenience And Fuel Pos Software
Oracle health Sciences Empirica Inspections
Redhat enterprise Linux For Power Little Endian Eus
Oracle mysql Enterprise Monitor
Oracle fmw Platform
Oracle financial Services Analytical Applications Infrastructure
Oracle hospitality Guest Access
Oracle retail Order Broker
Redhat enterprise Linux Server
Redhat fuse
Debian
Oracle retail Invoice Matching
Redhat enterprise Linux Server Aus
Oracle enterprise Manager For Mysql Database
Netapp element
Netapp oncommand Shift
Oracle micros Retail Xbri Loss Prevention
Canonical ubuntu Linux
Oracle management Pack
Redhat enterprise Linux Server Tus
Redhat enterprise Linux For Ibm Z Systems Eus

08 Dec 2023, 16:41

Type Values Removed Values Added
CPE cpe:2.3:a:apache:tomcat:9.0.0:m20:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m9:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m7:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m14:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m8:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m11:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m21:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m15:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m12:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m16:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m5:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m3:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m13:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m6:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m17:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m4:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m10:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m22:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m1:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m2:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m19:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:m18:*:*:*:*:*:*		 cpe:2.3:a:apache:tomcat:9.0.0:milestone17:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:milestone5:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:milestone3:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:milestone9:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:milestone15:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:milestone16:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:milestone19:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:milestone21:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:milestone12:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:milestone10:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:milestone4:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:milestone7:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:milestone2:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:milestone8:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:milestone11:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:milestone13:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:milestone1:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:milestone18:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:milestone20:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:milestone22:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:milestone6:*:*:*:*:*:*
cpe:2.3:a:apache:tomcat:9.0.0:milestone14:*:*:*:*:*:*

07 Nov 2023, 02:38

Type Values Removed Values Added
References
  • {'url': 'https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E', 'name': '[tomcat-dev] 20190413 svn commit: r1857494 [16/20] - in /tomcat/site/trunk: ./ docs/ xdocs/', 'tags': [], 'refsource': 'MLIST'}
  • {'url': 'https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E', 'name': '[tomcat-dev] 20190325 svn commit: r1856174 [23/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/', 'tags': [], 'refsource': 'MLIST'}
  • {'url': 'https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661@%3Cdev.tomcat.apache.org%3E', 'name': '[tomcat-dev] 20190413 svn commit: r1857496 [3/4] - in /tomcat/site/trunk: ./ docs/ xdocs/', 'tags': [], 'refsource': 'MLIST'}
  • {'url': 'https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E', 'name': '[tomcat-dev] 20190415 svn commit: r1857582 [17/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/', 'tags': [], 'refsource': 'MLIST'}
  • {'url': 'https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9@%3Cdev.tomcat.apache.org%3E', 'name': '[tomcat-dev] 20200203 svn commit: r1873527 [24/30] - /tomcat/site/trunk/docs/', 'tags': [], 'refsource': 'MLIST'}
  • {'url': 'https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E', 'name': '[tomcat-dev] 20190319 svn commit: r1855831 [25/30] - in /tomcat/site/trunk: ./ docs/ xdocs/', 'tags': [], 'refsource': 'MLIST'}
  • {'url': 'https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E', 'name': '[tomcat-dev] 20190415 svn commit: r1857582 [19/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/', 'tags': [], 'refsource': 'MLIST'}
  • {'url': 'https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E', 'name': '[tomcat-dev] 20190325 svn commit: r1856174 [22/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/', 'tags': [], 'refsource': 'MLIST'}
  • {'url': 'https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E', 'name': '[tomcat-dev] 20190325 svn commit: r1856174 [24/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/', 'tags': [], 'refsource': 'MLIST'}
  • {'url': 'https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04@%3Cdev.tomcat.apache.org%3E', 'name': '[tomcat-dev] 20190319 svn commit: r1855831 [24/30] - in /tomcat/site/trunk: ./ docs/ xdocs/', 'tags': [], 'refsource': 'MLIST'}
  • {'url': 'https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E', 'name': '[tomcat-dev] 20200213 svn commit: r1873980 [29/34] - /tomcat/site/trunk/docs/', 'tags': [], 'refsource': 'MLIST'}
  • {'url': 'https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E', 'name': '[tomcat-dev] 20200203 svn commit: r1873527 [25/30] - /tomcat/site/trunk/docs/', 'tags': [], 'refsource': 'MLIST'}
  • {'url': 'https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E', 'name': '[tomcat-dev] 20190413 svn commit: r1857494 [17/20] - in /tomcat/site/trunk: ./ docs/ xdocs/', 'tags': [], 'refsource': 'MLIST'}
  • {'url': 'https://lists.apache.org/thread.html/3fd341a604c4e9eab39e7eaabbbac39c30101a022acc11dd09d7ebcb@%3Cannounce.tomcat.apache.org%3E', 'name': '[announce] 20171003 [SECURITY] CVE-2017-12617 Apache Tomcat Remote Code Execution via JSP upload', 'tags': ['Mailing List', 'Vendor Advisory'], 'refsource': 'MLIST'}
  • {'url': 'https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E', 'name': '[tomcat-dev] 20190415 svn commit: r1857582 [18/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/', 'tags': [], 'refsource': 'MLIST'}
  • {'url': 'https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E', 'name': '[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/', 'tags': [], 'refsource': 'MLIST'}
  • {'url': 'https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a@%3Cdev.tomcat.apache.org%3E', 'name': '[tomcat-dev] 20200213 svn commit: r1873980 [28/34] - /tomcat/site/trunk/docs/', 'tags': [], 'refsource': 'MLIST'}
  • () https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0%40%3Cdev.tomcat.apache.org%3E -
  • () https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04%40%3Cdev.tomcat.apache.org%3E -
  • () https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E -
  • () https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E -
  • () https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E -
  • () https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E -
  • () https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E -
  • () https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E -
  • () https://lists.apache.org/thread.html/3fd341a604c4e9eab39e7eaabbbac39c30101a022acc11dd09d7ebcb%40%3Cannounce.tomcat.apache.org%3E -
  • () https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a%40%3Cdev.tomcat.apache.org%3E -
  • () https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E -
  • () https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba%40%3Cdev.tomcat.apache.org%3E -
  • () https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661%40%3Cdev.tomcat.apache.org%3E -
  • () https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E -
  • () https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d%40%3Cdev.tomcat.apache.org%3E -
  • () https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb%40%3Cdev.tomcat.apache.org%3E -
  • () https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9%40%3Cdev.tomcat.apache.org%3E -
Information

Published : 2017-10-04 01:29

Updated : 2025-02-06 14:13

NVD link : CVE-2017-12617

Mitre link : CVE-2017-12617

JSON object : View

Products Affected

netapp

  • oncommand_insight
  • active_iq_unified_manager
  • oncommand_balance
  • snapcenter
  • oncommand_workflow_automation
  • oncommand_shift
  • element

oracle

  • retail_back_office
  • retail_central_office
  • webcenter_sites
  • retail_eftlink
  • micros_lucas
  • retail_xstore_point_of_service
  • enterprise_manager_for_mysql_database
  • retail_store_inventory_management
  • workload_manager
  • communications_instant_messaging_server
  • financial_services_analytical_applications_infrastructure
  • fmw_platform
  • retail_advanced_inventory_planning
  • endeca_information_discovery_integrator
  • hospitality_guest_access
  • micros_retail_xbri_loss_prevention
  • mysql_enterprise_monitor
  • transportation_management
  • retail_point-of-service
  • health_sciences_empirica_inspections
  • tuxedo_system_and_applications_monitor
  • management_pack
  • instantis_enterprisetrack
  • agile_plm
  • retail_price_management
  • retail_invoice_matching
  • retail_order_management_system
  • retail_insights
  • retail_convenience_and_fuel_pos_software
  • retail_returns_management
  • retail_order_broker

redhat

  • enterprise_linux_for_power_little_endian_eus
  • enterprise_linux_desktop
  • jboss_enterprise_web_server_text-only_advisories
  • enterprise_linux_eus_compute_node
  • enterprise_linux_for_power_big_endian_eus
  • enterprise_linux_for_ibm_z_systems_eus
  • enterprise_linux_server_aus
  • enterprise_linux_for_ibm_z_systems
  • enterprise_linux_server_tus
  • enterprise_linux_for_power_little_endian
  • enterprise_linux_for_power_big_endian
  • fuse
  • enterprise_linux_server
  • enterprise_linux_eus
  • jboss_enterprise_web_server
  • jboss_enterprise_application_platform
  • enterprise_linux_workstation

canonical

  • ubuntu_linux

debian

  • debian_linux

apache

  • tomcat
CWE
CWE-434

Unrestricted Upload of File with Dangerous Type