A critical security flaw has been disclosed in Fortra FileCatalyst Workflow that, if left unpatched, could make it possible for an attacker to tamper with the application database.
Tracked as CVE-2024-5276, the vulnerability carries a CVSS rating of 9.8. It impacts FileCatalyst Workflow variations 5.1.6 Establish 135 and earlier. It has been tackled in model 5.1.6 develop 139.
“An SQL injection vulnerability in Fortra FileCatalyst Workflow makes it possible for an attacker to modify software facts,” Fortra stated in an advisory posted Tuesday. “Probable impacts incorporate creation of administrative people and deletion or modification of information in the application databases.”
Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).
➤ Get Mullvad VPN with 12% Discount
It also emphasised that effective unauthenticated exploitation calls for a Workflow procedure with nameless obtain enabled. Alternatively, it can also be abused by an authenticated consumer.
Consumers who can not implement the patches instantly can disable the susceptible servlets – csv_servlet, pdf_servlet, xml_servlet, and json_servlet – in the “web.xml” file found in the Apache Tomcat installation directory as short term workarounds.
Cybersecurity firm Tenable, which documented the flaw on May perhaps 22, 2024, has since launched a proof-of-strategy (PoC) exploit for the flaw.
“A person-provided jobID is utilised to variety the Where by clause in an SQL query,” it mentioned. “An anonymous remote attacker can carry out SQLi by means of the JOBID parameter in several URL endpoints of the workflow web application.”
Found this article attention-grabbing? Observe us on Twitter and LinkedIn to read much more unique information we submit.
Some components of this short article are sourced from:
thehackernews.com
New MOVEit Transfer Vulnerability Under Active Exploitation – Patch ASAP!