CVE-2017-12615 Apache tomcat RCE via JSP upload

Support for security such as Firewalls and securing linux
Post Reply
Posts: 6
Joined: 2017/10/02 19:18:30

CVE-2017-12615 Apache tomcat RCE via JSP upload

Post by Sukumar2574 » 2018/06/25 17:15:07

Our internal team has reported this vulnerability on CentOS 6. From the internet, I did not see anywhere about this vulnerability in CentOS. Though., there is no much difference between RHEL and CentOS except for brand renaming. I want to make sure if there are any patches released for this vulnerability.

please let me know if there are any patches.


User avatar
Forum Moderator
Posts: 27675
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: CVE-2017-12615 Apache tomcat RCE via JSP upload

Post by TrevorH » 2018/06/25 17:45:23

rpm -q tomcat6 should report a version higher than or equal to tomcat6-6.0.24-111.el6_9.noarch.rpm
rpm -q --changelog tomcat6 should contain

- Resolves: rhbz#1498345 CVE-2017-12615 CVE-2017-12617 tomcat6: various flaws
CentOS 6 will die in November 2020 - migrate sooner rather than later!
CentOS 5 has been EOL for nearly 3 years and should no longer be used for anything!
Full time Geek, part time moderator. Use the FAQ Luke

Post Reply

Return to “CentOS 6 - Security Support”