CVE-2017-5647 TripWire Enterprise Console Prior to version 8.6.0 Multiple Vulnerabilities.

Tripwire delivers a robust file integrity monitoring (FIM) solution, able to monitor detailed system integrity: files, directories, registries, configuration parameters, DLLs, ports, services, protocols, etc.

The Tripwire Enterprise Console manages and monitors system and file attributes for integrity, change or threat detection, assesses configurations for weaknesses, misconfiguration and vulnerabilities, and applies compliance and security policies to those systems.

Affected Software:
TripWire Enterprise Console Prior to version 8.6.0.

QID Detection Logic (Remote):
This QID determines a vulnerable version of TripWire Enterprise Console based on a HTTP response header.

This system is exposed to multiple vulnerabilities and is at a high risk of being exploited.

Customers are advised to upgrade TripWire Enterprise Console to version 8.6.0 or above.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

Tripwire Enterprise Console

Virtual Patches:
Trend Micro Virtual Patching
Virtual Patch #1001138: Apache Tomcat Remote File Disclosure Vulnerability
Virtual Patch #1006107: 1006107 - Apache Tomcat Chunk Request Remote Denial Of Service Vulnerability
Virtual Patch #1005496: 1005496 - Identified HTTP Request Smuggling Attack
Virtual Patch #1006015: 1006015 - Restrict Apache Struts 'class.classLoader' Request
Virtual Patch #1005929: 1005929 - Apache Tomcat Commons UploadFile Denial Of Service Vulnerability