
[Vulnerability notice] CVE-2017-5664: Security policy bypass vulnerability in Apache Tomcat

Last Updated: Apr 08, 2018

Apache Tomcat is a popular open-source JSP application server. Apache Tomcat 9.0.0.M1–9.0.0.M20, 8.5.0–8.5.14, 8.0.0.RC1–8.0.43, and 7.0.0–7.0.77 contain a flaw in the error page implementation: the error page is handled on the basis of the original request, which can produce unexpected results. For example, if DefaultServlet is writable, custom error pages may be replaced or removed.

See the following for more information about the vulnerability.

CVE identifier

CVE-2017-5664

Vulnerability name

Apache Tomcat security policy bypass vulnerability

Vulnerability rating

High

Vulnerability description

An attacker can exploit this vulnerability by constructing malicious requests, which can result in file deletion. For example, if DefaultServlet is writable, custom error pages may be replaced or removed.

See the links in the Reference section below for more information.

Condition and method of exploitation

Remote exploitation

Affected scope

  • Apache Group Tomcat 9.0.0.M1-9.0.0.M20
  • Apache Group Tomcat 8.5.0-8.5.14
  • Apache Group Tomcat 8.0.0.RC1-8.0.43
  • Apache Group Tomcat 7.0.0-7.0.77

How to fix or mitigate

The vendor has released a patch to fix the vulnerability. Download the latest version from the vendor’s website.
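As an added example (not part of this notice and not Apache Tomcat code), the following audit script checks the two conditions the notice names: whether an installation's version falls inside the affected ranges listed above, and whether conf/web.xml makes DefaultServlet writable by setting its `readonly` init-param to something other than `true`. It assumes DefaultServlet's real `readonly` init-param (which defaults to read-only when absent) and uses a constructed web.xml fragment as input.

```python
import re
import xml.etree.ElementTree as ET

# Affected ranges (inclusive) exactly as listed in this notice.
AFFECTED = [("9.0.0.M1", "9.0.0.M20"), ("8.5.0", "8.5.14"),
            ("8.0.0.RC1", "8.0.43"), ("7.0.0", "7.0.77")]

def version_key(v):
    """Sortable tuple for '8.5.14', '9.0.0.M20' or '8.0.0.RC1'; M/RC builds sort before the final."""
    m = re.fullmatch(r"(\d+)\.(\d+)\.(\d+)(?:\.(M|RC)(\d+))?", v.strip())
    if not m:
        raise ValueError(f"unrecognised Tomcat version: {v!r}")
    tag = {"M": 0, "RC": 1, None: 2}[m.group(4)]
    return (int(m.group(1)), int(m.group(2)), int(m.group(3)), tag, int(m.group(5) or 0))

def is_affected(version):
    k = version_key(version)  # inside any affected range -> vulnerable version
    return any(version_key(lo) <= k <= version_key(hi) for lo, hi in AFFECTED)

def _local(tag):
    return tag.rsplit("}", 1)[-1]  # drop the XML namespace prefix, if any

def default_servlet_writable(web_xml_text):
    """True when conf/web.xml sets DefaultServlet's 'readonly' init-param off (absent = read-only default)."""
    root = ET.fromstring(web_xml_text)
    for servlet in root.iter():
        if _local(servlet.tag) != "servlet":
            continue
        cls = [(e.text or "").strip() for e in servlet.iter() if _local(e.tag) == "servlet-class"]
        if cls != ["org.apache.catalina.servlets.DefaultServlet"]:
            continue
        for param in servlet.iter():
            if _local(param.tag) == "init-param":
                fields = {_local(c.tag): (c.text or "").strip() for c in param}
                if fields.get("param-name") == "readonly":
                    # Tomcat reads this with Boolean.parseBoolean: only "true" keeps it read-only.
                    return fields.get("param-value", "").lower() != "true"
    return False

def assess(version, web_xml_text):
    """Affected version AND writable DefaultServlet is the combination this notice warns about."""
    affected, writable = is_affected(version), default_servlet_writable(web_xml_text)
    return {"affected_version": affected, "default_servlet_writable": writable, "exposed": affected and writable}

# Constructed sample of a risky conf/web.xml fragment (not taken from any real server).
SAMPLE_WEB_XML = """<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee"><servlet>
  <servlet-name>default</servlet-name><servlet-class>org.apache.catalina.servlets.DefaultServlet</servlet-class>
  <init-param><param-name>readonly</param-name><param-value>false</param-value></init-param>
</servlet></web-app>"""
```

Running `assess("8.5.14", SAMPLE_WEB_XML)` reports the exposed case; setting `readonly` back to `true` (or upgrading past the affected ranges) clears it.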

Reference

[1] http://tomcat.apache.org/security-9.html
[2] http://tomcat.apache.org/security-8.html
[3] http://tomcat.apache.org/security-7.html
