Fortra Patches Critical SQL Injection in FileCatalyst Workflow

Fortra has patched a critical-severity vulnerability in FileCatalyst Workflow leading to the creation of administrator accounts.

Fortra this week announced patches for a critical-severity SQL injection vulnerability in FileCatalyst Workflow that could allow attackers to create administrative user accounts.

Tracked as CVE-2024-5276 (CVSS score of 9.8) and affecting FileCatalyst Workflow version 5.1.6 Build 135 and earlier, the issue could also be exploited to modify application data, Fortra noted in an advisory.

“Data exfiltration via SQL injection is not possible using this vulnerability. Successful unauthenticated exploitation requires a Workflow system with anonymous access enabled, otherwise an authenticated user is required,” the company explained.

According to cybersecurity company Tenable, which identified the security defect, CVE-2024-5276 exists because a user-supplied jobID is used when forming the ‘Where’ clause in an SQL query.

“An anonymous remote attacker can perform SQLi via the jobID parameter in various URL endpoints of the workflow web application,” Tenable said.

The cybersecurity firm also published proof-of-concept (PoC) code that triggers the SQL injection, creates a new administrative account with the password set to ‘password123’, and allows a remote attacker to log in to the newly created account.
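To make the bug class concrete, here is an added illustration (not Tenable's PoC and not FileCatalyst's code) of the pattern Tenable describes: a user-supplied jobID concatenated into a WHERE clause, beside the parameterised form that removes the injection, a format check that serves as a second layer, and a small log scan a defender can use to spot malformed jobID values. The table, column names, the `job-NNNN` identifier format and the access-log lines are all constructed assumptions for this example.

```python
import re
import sqlite3
import urllib.parse

# Constructed in-memory table standing in for a Workflow job store.
# Schema and sample rows are assumptions for this example, not FileCatalyst's.
def make_sample_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE jobs (jobID TEXT PRIMARY KEY, owner TEXT, status TEXT)")
    conn.executemany("INSERT INTO jobs VALUES (?, ?, ?)", [
        ("job-1001", "alice", "complete"),
        ("job-1002", "bob", "running"),
        ("job-1003", "carol", "queued"),
    ])
    conn.commit()
    return conn

def lookup_job_vulnerable(conn, job_id):
    # Vulnerable pattern: the jobID string is pasted into the SQL text, so any
    # quote or operator it contains becomes part of the query's grammar.
    sql = "SELECT jobID, owner, status FROM jobs WHERE jobID = '" + job_id + "'"
    return conn.execute(sql).fetchall()

def lookup_job_fixed(conn, job_id):
    # Hardened pattern: the value is bound as a parameter and the database
    # treats it strictly as data, whatever characters it contains.
    sql = "SELECT jobID, owner, status FROM jobs WHERE jobID = ?"
    return conn.execute(sql, (job_id,)).fetchall()

# Assumed identifier format; used only as defence in depth, never instead of binding.
JOB_ID_FORMAT = re.compile(r"^job-\d{4}$")

def lookup_job_validated(conn, job_id):
    # Reject anything that does not look like a job identifier before it reaches
    # SQL, then still use the bound parameter.
    if not JOB_ID_FORMAT.match(job_id):
        raise ValueError("malformed jobID")
    return lookup_job_fixed(conn, job_id)

def flag_suspicious_job_ids(log_lines):
    # Detection aid: extract the jobID query parameter from access-log lines and
    # report values that fail the expected format (quotes, spaces, operators).
    flagged = []
    for line in log_lines:
        match = re.search(r"[?&]jobID=([^&\s\"]+)", line)
        if match:
            value = urllib.parse.unquote(match.group(1))
            if not JOB_ID_FORMAT.match(value):
                flagged.append(value)
    return flagged

def demo():
    conn = make_sample_db()
    # A tautology appended to the identifier: the concatenated WHERE clause now
    # matches every row, while the bound query matches nothing because no job
    # has that literal name.
    tainted = "job-1001' OR '1'='1"
    return {
        "vulnerable_rows": len(lookup_job_vulnerable(conn, tainted)),
        "fixed_rows": len(lookup_job_fixed(conn, tainted)),
        "normal_rows": len(lookup_job_fixed(conn, "job-1002")),
    }

# Constructed access-log lines (not real FileCatalyst logs).
SAMPLE_LOG = [
    '10.0.0.5 - - "GET /workflow/status?jobID=job-1001 HTTP/1.1" 200',
    '10.0.0.9 - - "GET /workflow/status?jobID=job-1001%27%20OR%20%271%27%3D%271 HTTP/1.1" 200',
    '10.0.0.7 - - "GET /workflow/list HTTP/1.1" 200',
]

if __name__ == "__main__":
    print(demo())
    print(flag_suspicious_job_ids(SAMPLE_LOG))
```

The point of `demo()` is the contrast: the same tainted string returns every job from the concatenated query and nothing from the bound one. The log scan is a cheap hunting signal for the interval between disclosure and patching, but it only catches values that break the assumed format, so it complements rather than replaces the code fix.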

An enterprise software solution for transferring large files across global networks, FileCatalyst relies on the UDP protocol for fast transfers and integrates with popular cloud storage services. FileCatalyst Workflow is the solution’s web portal component, enabling users to share, track, and modify files.

Fortra addressed the vulnerability in FileCatalyst Workflow version 5.1.6 build 139. Users are advised to update their instances as soon as possible, as Fortra’s streamlined file transfer solutions have been targeted in malicious attacks.


In January last year, hackers associated with the Cl0p ransomware operation exploited a zero-day vulnerability in the company’s GoAnywhere managed file transfer (MFT) software, stealing data belonging to dozens of organizations.

Related: PoC Published for Critical Fortra Code Execution Vulnerability

Related: PoC Code Published for Just-Disclosed Fortra GoAnywhere Vulnerability

Related: Ivanti Patches Critical Code Execution Vulnerabilities in Endpoint Manager

Related: Sumo Logic Completes Investigation Into Recent Security Breach

Written By

Ionut Arghire is an international correspondent for SecurityWeek.