19.9 C
New York
Sunday, September 15, 2024

Fortra Points Patch for Excessive-Threat FileCatalyst Workflow Safety Vulnerability


Aug 28, 2024Ravie LakshmananVulnerability / Knowledge Safety

Fortra Points Patch for Excessive-Threat FileCatalyst Workflow Safety Vulnerability

Fortra has addressed a vital safety flaw impacting FileCatalyst Workflow that could possibly be abused by a distant attacker to achieve administrative entry.

The vulnerability, tracked as CVE-2024-6633, carries a CVSS rating of 9.8, and stems from using a static password to hook up with a HSQL database.

“The default credentials for the setup HSQL database (HSQLDB) for FileCatalyst Workflow are revealed in a vendor data base article,” Fortra mentioned in an advisory. “Misuse of those credentials may result in a compromise of confidentiality, integrity, or availability of the software program.”

Cybersecurity

“The HSQLDB is barely included to facilitate set up, has been deprecated, and isn’t meant for manufacturing use per vendor guides. Nevertheless, customers who haven’t configured FileCatalyst Workflow to make use of another database per suggestions are susceptible to assault from any supply that may attain the HSQLDB.”

Cybersecurity firm Tenable, which has been credited with discovering and reporting the flaw, mentioned the HSQLDB is remotely accessible on TCP port 4406 by default, thereby permitting a distant attacker to hook up with the database utilizing the static password and carry out malicious operations.

FileCatalyst Workflow Security Vulnerability

Following accountable disclosure on July 2, 2024, Fortra has launched a patch to plug the safety gap in FileCatalyst Workflow 5.1.7 or later.

“For instance, the attacker can add an admin-level person within the DOCTERA_USERS desk, permitting entry to the Workflow net software as an admin person,” Tenable mentioned.

Additionally addressed in model 5.1.7 is a high-severity SQL injection flaw (CVE-2024-6632, CVSS rating: 7.2) that abuses a type submission step through the setup course of to make unauthorized modifications of the database.

Cybersecurity

“In the course of the setup strategy of FileCatalyst Workflow, the person is prompted to offer firm info by way of a type submission,” Dynatrace researcher Robin Wyss mentioned.

“The submitted knowledge is utilized in a database assertion, however the person enter shouldn’t be going by means of correct enter validation. Consequently, the attacker can modify the question. This permits for unauthorized modifications on the database.”

Discovered this text fascinating? Observe us on Twitter and LinkedIn to learn extra unique content material we publish.



Related Articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest Articles