ACTIVELY EXPLOITED3 sources verified·1 min read
By Lyrie Threat Intelligence·3/25/2022
CVE-2017-12617 added to CISA KEV: Apache Tomcat
Status: ✅ Confirmed exploited in the wild
Date added: 2022-03-25
Required action: Apply updates per vendor instructions.
Due date: 2022-04-15
Why this matters
When running Apache Tomcat, it is possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server.
Sources
Lyrie Verdict
Lyrie's autonomous detection layer catches active exploitation primitives at machine speed — closing the gap between disclosure and weaponization that traditional defense simply can't cover.