Fortra Patches Critical Vulnerability in FileCatalyst Workflow


Cybersecurity solutions provider Fortra this week announced patches for two vulnerabilities in FileCatalyst Workflow, including a critical-severity flaw involving leaked credentials.

The critical issue, tracked as CVE-2024-6633 (CVSS score of 9.8), exists because the default credentials for the setup HSQL database (HSQLDB) have been published in a vendor knowledgebase article.

According to the company, HSQLDB, which has been deprecated, is included to facilitate installation, and not intended for production use. If no alternative database has been configured, however, HSQLDB may expose vulnerable FileCatalyst Workflow instances to attacks.

Fortra, which recommends against using the bundled HSQL database, notes that CVE-2024-6633 is exploitable only if the attacker has network access and the ability to port scan, and only if the HSQLDB port is exposed to the internet.

“The attack grants an unauthenticated attacker remote access to the database, up to and including data manipulation/exfiltration from the database, and admin user creation, though their access levels are still sandboxed,” Fortra notes.

The company has addressed the vulnerability by limiting access to the database to localhost. Patches were included in FileCatalyst Workflow version 5.1.7 build 156, which also resolves a high-severity SQL injection flaw tracked as CVE-2024-6632.

“A vulnerability exists in FileCatalyst Workflow whereby a field accessible to the super admin can be used to perform an SQL injection attack which can lead to a loss of confidentiality, integrity, and availability,” Fortra explains.

The company also notes that, because FileCatalyst Workflow only has one super admin, an attacker in possession of the credentials could perform more dangerous operations than the SQL injection.


Fortra customers are advised to update to FileCatalyst Workflow version 5.1.7 build 156 or later as soon as possible. The company makes no mention of any of these vulnerabilities being exploited in attacks.

Related: Fortra Patches Critical SQL Injection in FileCatalyst Workflow

Related: Code Execution Vulnerability Found in WPML Plugin Installed on 1M WordPress Sites

Related: SonicWall Patches Critical SonicOS Vulnerability

Related: Pentagon Received Over 50,000 Vulnerability Reports Since 2016
