Login

Cloud Defense Logo

Products

Solutions

Company

Book A Live Demo

CVE-2017-15698 : Security Advisory and Response

Learn about CVE-2017-15698, a vulnerability in Apache Tomcat Native Connector versions 1.2.0 to 1.2.14 and 1.1.23 to 1.1.34 that could allow access control bypass. Find out the impact, affected systems, and mitigation steps.

Apache Tomcat Native Connector versions 1.2.0 to 1.2.14 and 1.1.23 to 1.1.34 had a vulnerability related to parsing the AIA-Extension field in client certificates, potentially leading to an access control bypass.

Understanding CVE-2017-15698

This CVE involves a specific issue in Apache Tomcat Native Connector versions 1.2.0 to 1.2.14 and 1.1.23 to 1.1.34 that could impact the security of systems utilizing these versions.

What is CVE-2017-15698?

CVE-2017-15698 is a vulnerability in Apache Tomcat Native Connector versions 1.2.0 to 1.2.14 and 1.1.23 to 1.1.34 that could allow an attacker to bypass access control mechanisms by exploiting a flaw in the parsing of the AIA-Extension field in client certificates.

The Impact of CVE-2017-15698

The vulnerability could result in the acceptance of client certificates that should have been rejected if the OCSP check had been correctly conducted, potentially leading to unauthorized access to systems.

Technical Details of CVE-2017-15698

This section provides more in-depth technical information about the CVE.

Vulnerability Description

The issue arises from the incorrect handling of client certificate fields longer than 127 bytes, leading to the skipping of the OCSP check during parsing.

Affected Systems and Versions

        Apache Tomcat Native Connector versions 1.2.0 to 1.2.14
        Apache Tomcat Native Connector versions 1.1.23 to 1.1.34

Exploitation Mechanism

By crafting a client certificate with an AIA-Extension field exceeding 127 bytes, an attacker could exploit this vulnerability to bypass access controls.

Mitigation and Prevention

To address CVE-2017-15698, follow these mitigation strategies:

Immediate Steps to Take

        Update Apache Tomcat Native Connector to a non-vulnerable version.
        Implement proper access control mechanisms.

Long-Term Security Practices

        Regularly monitor and update SSL/TLS configurations.
        Conduct regular security assessments and audits.

Patching and Updates

        Apply security patches provided by Apache Software Foundation to fix the vulnerability.

Popular CVEs

CVE Id

Published Date

Is your System Free of Underlying Vulnerabilities?
Find Out Now