CVE-2017-15698

Risk Scores

Affected Products

Exploit Intelligence

• DSA-4118 (circl)
• [debian-lts-announce] 20180211 [SECURITY] [DLA 1276-1] tomcat-native security update (circl)
• RHSA-2018:0465 (circl)
• 1040390 (circl)
• [announce] 20180131 [SECURITY] CVE-2017-15698 Apache Tomcat Native Connector - OCSP check omitted (circl)
• RHSA-2018:0466 (circl)
• [tomcat-dev] 20190319 svn commit: r1855831 [26/30] - in /tomcat/site/trunk: ./ docs/ xdocs/ (circl)
• [tomcat-dev] 20190325 svn commit: r1856174 [26/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/ (circl)
• [tomcat-dev] 20200203 svn commit: r1873527 [26/30] - /tomcat/site/trunk/docs/ (circl)
• [tomcat-dev] 20200213 svn commit: r1873980 [31/34] - /tomcat/site/trunk/docs/ (circl)

Timeline

• Jan 31, 2018 CVE Published
• Apr 14, 2021 EPSS Score
• Jun 23, 2021 EPSS Score
• Aug 24, 2021 EPSS Score
• Oct 26, 2021 EPSS Score
• Dec 27, 2021 EPSS Score
• Feb 4, 2022 EPSS Score
• Feb 28, 2022 EPSS Score
• May 2, 2022 EPSS Score
• Sep 5, 2022 EPSS Score
• Nov 6, 2022 EPSS Score
• Jan 8, 2023 EPSS Score

References

• ALAS-2018-965: tomcat-native (medium) advisory