RHSA-2018%3A0466 — Vulnetix

RHSA-2018%3A0466 PUBLISHED CVSS 7.400000095367432 HIGH

An update is now available for Red Hat JBoss Web Server 3.1 for RHEL 6 and Red Hat JBoss Web Server 3.1 for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Risk Scores

CVSS 3.1

7.400000095367432

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H

Affected Products

Vendor	Product	Versions
	Red Hat JBoss Web Server 3.1 for RHEL 6
	tomcat8
	tomcat
	Red Hat JBoss Web Server 3.1 for RHEL 7
	tomcat7
	mod_cluster

Exploit Intelligence

just a python script for cve-2017-12615 (github-poc-repo)
just a python script for cve-2017-12615 (github-poc-repo)
just a python script for cve-2017-12615 (github-poc-repo)
CVE-2017-12617 and CVE-2017-12615 for tomcat server (github-poc-repo)
CVE-2017-12617 and CVE-2017-12615 for tomcat server (github-poc-repo)
CVE-2017-12617 and CVE-2017-12615 for tomcat server (github-poc-repo)
Apache Tomcat < 9.0.1 (Beta) / < 8.5.23 / < 8.0.47 / < 7.0.8 - JSP Upload Bypass / Remote Code Execution (github-poc-repo)
Apache Tomcat < 9.0.1 (Beta) / < 8.5.23 / < 8.0.47 / < 7.0.8 - JSP Upload Bypass / Remote Code Execution (github-poc-repo)
Apache Tomcat < 9.0.1 (Beta) / < 8.5.23 / < 8.0.47 / < 7.0.8 - JSP Upload Bypass / Remote Code Execution (github-poc-repo)
Tomcat 远程代码执行漏洞 Exploit (github-poc-repo)

…and 210 more exploits

Timeline

Mar 7, 2018 CVE Published
Jul 29, 2018 PoC Published
Mar 18, 2026 CVE Updated
Apr 6, 2026 Distribution Patch
Apr 6, 2026 Distribution Patch
Apr 6, 2026 Security Advisory
Apr 30, 2026 Security Advisory
Apr 30, 2026 Security Advisory
Apr 30, 2026 Security Advisory
Apr 30, 2026 Security Advisory
Apr 30, 2026 Security Advisory
Apr 30, 2026 Security Advisory

References

Open in Interactive Console →