SecurityWeek

Fortra Patches Critical SQL Injection in FileCatalyst Workflow

Fortra has patched a critical-severity vulnerability in FileCatalyst Workflow leading to the creation of administrator accounts.

Fortra this week announced patches for a critical-severity SQL injection vulnerability in FileCatalyst Workflow that could allow attackers to create administrative user accounts.

Tracked as CVE-2024-5276 (CVSS score of 9.8) and affecting FileCatalyst Workflow version 5.1.6 Build 135 and earlier, the issue could also be exploited to modify application data, Fortra noted in an advisory.

“Data exfiltration via SQL injection is not possible using this vulnerability. Successful unauthenticated exploitation requires a Workflow system with anonymous access enabled, otherwise an authenticated user is required,” the company explained.

According to cybersecurity company Tenable, which identified the security defect, CVE-2024-5276 exists because a user-supplied jobID value is used to build the WHERE clause of an SQL query.

“An anonymous remote attacker can perform SQLi via the jobID parameter in various URL endpoints of the workflow web application,” Tenable said.
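The defect class described above, as an added example that is not Fortra's or Tenable's code: a lookup that splices a caller-supplied jobID into the WHERE clause, beside a hardened version that binds it as a parameter and checks its format first (the jobs table, its rows and the numeric-id regex are constructed assumptions, not FileCatalyst's real schema).

```python
import re
import sqlite3

def make_db() -> sqlite3.Connection:
    # Constructed in-memory table standing in for a workflow "jobs" table.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE jobs (job_id TEXT, owner TEXT, status TEXT)")
    conn.executemany(
        "INSERT INTO jobs VALUES (?, ?, ?)",
        [("1001", "alice", "done"), ("1002", "bob", "running"), ("1003", "carol", "queued")],
    )
    return conn

def lookup_job_unsafe(conn: sqlite3.Connection, job_id: str) -> list:
    # Vulnerable pattern: the caller-controlled value is spliced into the WHERE
    # clause, so a quote character inside job_id is parsed as SQL syntax.
    sql = f"SELECT job_id, owner FROM jobs WHERE job_id = '{job_id}'"
    return conn.execute(sql).fetchall()

def lookup_job_safe(conn: sqlite3.Connection, job_id: str) -> list:
    # Hardened pattern: reject anything that is not a plausible id before any
    # query runs, then pass the value as a bound parameter so the database
    # driver never interprets it as part of the statement.
    if not re.fullmatch(r"[0-9]{1,12}", job_id):
        raise ValueError("malformed jobID")
    return conn.execute(
        "SELECT job_id, owner FROM jobs WHERE job_id = ?", (job_id,)
    ).fetchall()
```

With a well-formed id both functions return the same single row; with a tautology appended to the id, the unsafe version returns every row while the hardened version refuses the input.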

The cybersecurity firm also published proof-of-concept (PoC) code that triggers the SQL injection, creates a new administrative account with the password set to ‘password123’, and allows a remote attacker to log in to the newly created account.

An enterprise software solution for transferring large files across global networks, FileCatalyst relies on the UDP protocol for fast transfers and integrates with popular cloud storage services. FileCatalyst Workflow is the solution’s web portal component, enabling users to share, track, and modify files.

Fortra addressed the vulnerability in FileCatalyst Workflow version 5.1.6 build 139. Users are advised to update their instances as soon as possible, as Fortra’s streamlined file transfer solutions have been targeted in malicious attacks.


In January last year, hackers associated with the Cl0p ransomware operation exploited a zero-day vulnerability in the company’s GoAnywhere managed file transfer (MFT) software, stealing data belonging to dozens of organizations.

Related: PoC Published for Critical Fortra Code Execution Vulnerability

Related: PoC Code Published for Just-Disclosed Fortra GoAnywhere Vulnerability

Related: Ivanti Patches Critical Code Execution Vulnerabilities in Endpoint Manager

Related: Sumo Logic Completes Investigation Into Recent Security Breach

Written By

Ionut Arghire is an international correspondent for SecurityWeek.
