Apache Tomcat Remote Code Execution via JSP upload (CVE-2017-12615 / CVE-2017-12617)
In the recent days, a new vulnerability in Apache Tomcat has been published (CVE-2017-12615). The vulnerability allows attackers to upload arbitrary files to the Tomcat application server by utilizin...
Published Sep 27, 2017
Version 1.0
Gal_Goldshtein
Employee
EmployeeGal_GoldshteinEmployee
Employee
cdjac0bsen
Nimbostratus
NimbostratusGal, that signature is associated with the IIS sig set. Does it only block for Tomcat on Windows or will it block on non-Windows policies?