Critical SQLi Vulnerability Found in Fortra FileCatalyst Workflow Application

Fortra FileCatalyst Workflow

A critical security flaw has been disclosed in Fortra FileCatalyst Workflow that, if left unpatched, could allow an attacker to tamper with the application database.

Tracked as CVE-2024-5276, the vulnerability carries a CVSS score of 9.8. It impacts FileCatalyst Workflow versions 5.1.6 Build 135 and earlier. It has been addressed in version 5.1.6 build 139.

“An SQL injection vulnerability in Fortra FileCatalyst Workflow allows an attacker to modify application data,” Fortra said in an advisory published Tuesday. “Likely impacts include creation of administrative users and deletion or modification of data in the application database.”

It also emphasized that successful unauthenticated exploitation requires a Workflow system with anonymous access enabled. Alternatively, it can also be abused by an authenticated user.

Cybersecurity

Users who cannot apply the patches immediately can disable the vulnerable servlets – csv_servlet, pdf_servlet, xml_servlet, and json_servlet – in the “web.xml” file located in the Apache Tomcat installation directory as temporary workarounds.

Cybersecurity firm Tenable, which reported the flaw on May 22, 2024, has since released a proof-of-concept (PoC) exploit for the flaw.

“A user-supplied jobID is used to form the WHERE clause in an SQL query,” it said. “An anonymous remote attacker can perform SQLi via the JOBID parameter in various URL endpoints of the workflow web application.”



Original Source


A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.

If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below

To keep up to date follow us on the below channels.