Full-featured SD-WAN Solution Deep Dive

Learn about the capabilities you should expect to find in a full-featured SD-WAN design and how these features operate within the larger Secure SD-WAN architecture.

SD-WAN Growth Report 2020

Futuriom outlines the market trends for SD-WAN in their June 2020 report and provides their predictions for growth and change in the space.

Versa Redefines McLarens F1 Speed Strategy

NTT Communications and Versa Networks provide McLaren with reliability, security, stability, and flexible management of their data traffic flows so they can set up a secure, optimized network connectivity in preparation of race weekend.

 
Versa Secure SD-WAN – Simple, Secure, and Reliable Branch to Multi-Cloud Connectivity

Versa Secure SD-WAN is a single software platform that offers multi-layered security and enables multi-cloud connectivity for Enterprises.

 
Gartner Magic Quadrant for WAN Edge Infrastructure, 2020

Gartner 2020 Magic Quadrant report analyzes the various vendors in the WAN edge market and Versa is positioned as a Leader.

Versa Networks - Explained in 1 minute

Learn about the Versa Secure SD-WAN solution in a high-level, one minute overview.

 
Versa Secure SD-WAN – Simple, Secure, and Reliable Branch to Multi-Cloud Connectivity

Versa Secure SD-WAN is a single software platform that offers multi-layered security and enables multi-cloud connectivity for Enterprises.

The Secure
SD-WAN Blog

Research Lab

Apache Tomcat Remote Code Execution Vulnerability (CVE-2017-12617)

versa-staff
By Versa Staff
Versa Networks
October 18, 2017

Several Security Vulnerability have been patched in recently in Apache Tomcat. The list of fixed flaws recently addressed also included code execution vulnerabilities.
Apache Tomcat is the most widely used web application server, with over one million downloads per month and over 70% penetration in the enterprise datacenter.

The Apache Tomcat development team publicly disclosed the presence of a remote code execution vulnerability, tracked as CVE-2017-12617, affecting the popular web application server.

The Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 are affected. The vulnerability is classified as “important” severity, has been fixed in latest version.

About CVE-2017-12617:

The vulnerability only affected systems that have the HTTP PUT method enabled, it could be exploited by attackers to upload a malicious JSP file to target server using specially crafted request. Once file uploaded, the code it contains could be executed by requesting the file.

About Exploit:

The Apache Tomcat team confirm that all above mentioned tomcat version are vulnerable for dangerous remote code execution (RCE) vulnerability on all operating system if default servlet or WebDAV servlet is enabled with the parameter readonly set to false.

<init-param>

        <param-name>readonly</param-name>

        <param-value>false</param-value>

     </init-param>

The Exploit available publically: https://github.com/cyberheartmi9/CVE-2017-12617/

This exploit is sending special crafted HTTP put request with JSP as payload to a Tomcat server. The code is executed when the uploaded JSP is accessed via a web browser (IE, Firefox and Chrome)

Mitigation :

Update Tomcat to latest version where the vulnerability is fixed.
The readonly init-param should not be set to false.


Versa Security Solutions
Versa has released the following rules to address this vulnerability. However, more rules may be added or the current rules may change depending on the additional vulnerabilities information available.

Versa Signature ID

Rule Name

1171002010

Apache Tomcat HTTP PUT Windows Remote Code Execution