PSIRT

Apache Tomcat vulnerabilities (Tier1/2 Focus)

Summary

Multiple Remote Code Execution (RCE) vulnerabilities (CVE-2017-12615, CVE-2017-12617) are affecting Apache Tomcat.

Affected Products

The following Fortinet products are NOT affected:
FortiOS
FortiAP
FortiSwitch
FortiAnalyzer
FortiMail
FortiManager
FortiWeb
None of the products above are using Apache Tomcat.

References

http://tomcat.apache.org/security.html

IR Number	FG-IR-17-251
Published Date	Oct 24, 2017
Component	GUI
Severity	High
Discovered	Third-Party Library
Attack Type	Authenticated
Known Exploited	No
CVSSv3 Score	0
Impact	Denial of service
CVE ID
Download	CVRF

Protect

Detect

Respond

Recover

Identify

Network Security

Cloud & Application Security

Endpoint Security

Security Operations

PSIRT

Apache Tomcat vulnerabilities (Tier1/2 Focus)

Summary

Affected Products

References