The security update addresses a critical SQL injection vulnerability that could allow an attacker to modify data and create administrative users

Threat ID:CC-4517

Threat Severity:Medium

Published:27 June 2024 1:45 PM

Summary

Affected platforms

The following platforms are known to be affected:

Versions: all prior to 5.1.6 Build 139

Fortra FileCatalyst

Threat details

Introduction

Fortra has released a security update addressing a critical vulnerability found in FileCatalyst Workflow. FileCatalyst is an accelerated file transfer software solution that allows the transfer of large files over remote networks.

CVE-2024-5276 is an SQL Injection vulnerability with a CVSSv3 score of 9.8 (critical), which if exploited could allow an unauthenticated attacker to modify or delete data in the application database, and create administrative users.

Public proof-of-concept exploit available for CVE-2024-5276

A proof-of-concept exploit for CVE-2024-5276 has been made publicly available by security researchers, which increases the likelihood of exploitation.

Remediation advice

Affected organisations are encouraged to review Forta Security Advisory FI-2024-008 and update to version 5.1.6 Build 139 (or later).

Definitive source of threat updates

https://www.fortra.com/security/advisory/fi-2024-008

CVE Vulnerabilities

StatusPublished

CVE-2024-5276A SQL Injection vulnerability in Fortra FileCatalyst Workflow allows an attacker to modify application data. Likely impacts include creation of administrative users and deletion or modification of data in the application database. Data exfiltration via SQL injection is not possible using this vulnerability. Successful unauthenticated exploitation requires a Workflow system with anonymous access enabled, otherwise an authenticated user is required. This issue affects all versions of FileCatalyst Workflow from 5.1.6 Build 135 and earlier.

Last edited: 27 June 2024 2:30 pm