Critical SQLi Vulnerability Found in Fortra FileCatalyst Workflow Application

June 27, 2024 | Editorial Team | Vulnerability / Enterprise Security

A critical security flaw has been disclosed in Fortra FileCatalyst Workflow that, if left unpatched, could allow an attacker to tamper with the application database.

Tracked as CVE-2024-5276, the flaw carries a CVSS score of 9.8. It affects FileCatalyst Workflow versions before 5.1.6 Build 135 and has been addressed in version 5.1.6 Build 139.

“A loophole in Fortra FileCatalyst Workflow allows unauthorized alteration of application data,” Fortra stated in an advisory shared on Tuesday. “Probable consequences include the establishment of administrative users and the removal or modification of data in the application database.”

The company also noted that exploiting the flaw without authentication requires a Workflow system with anonymous access enabled; otherwise, it can be exploited by an authenticated user.

Users who cannot apply the patches immediately can, as a temporary workaround, disable the vulnerable servlets (csv_servlet, pdf_servlet, xml_servlet, and json_servlet) in the web.xml file located in the Apache Tomcat installation directory.
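To check that this workaround has actually taken effect, here is an added example (not from the article, Fortra, or Tenable) that parses a Tomcat web.xml and reports which of the four named servlets still have a live servlet-mapping. The sample descriptor and its URL patterns are constructed, and treating the four names as the literal servlet-name values in FileCatalyst's web.xml is an assumption.

```python
import xml.etree.ElementTree as ET

# Servlet names from the article's workaround. Treating them as the literal
# <servlet-name> values in FileCatalyst's web.xml is an assumption.
VULNERABLE_SERVLETS = {"csv_servlet", "pdf_servlet", "xml_servlet", "json_servlet"}

# Constructed sample descriptor, not a real FileCatalyst web.xml: two of the
# four mappings were commented out (the usual way to disable a servlet), the
# other two are still live, plus one unrelated servlet that must be ignored.
SAMPLE_WEB_XML = """<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee" version="3.1">
  <!--
  <servlet-mapping><servlet-name>csv_servlet</servlet-name><url-pattern>/csv</url-pattern></servlet-mapping>
  <servlet-mapping><servlet-name>pdf_servlet</servlet-name><url-pattern>/pdf</url-pattern></servlet-mapping>
  -->
  <servlet-mapping><servlet-name>xml_servlet</servlet-name><url-pattern>/xml</url-pattern></servlet-mapping>
  <servlet-mapping><servlet-name>json_servlet</servlet-name><url-pattern>/json</url-pattern></servlet-mapping>
  <servlet-mapping><servlet-name>login</servlet-name><url-pattern>/login</url-pattern></servlet-mapping>
</web-app>"""

def local_name(tag: str) -> str:
    """Strip the '{namespace}' prefix ElementTree puts on namespaced tags."""
    return tag.rsplit("}", 1)[-1]

def active_servlet_mappings(web_xml_text: str) -> dict[str, list[str]]:
    """Map servlet-name -> [url-pattern, ...] for every live <servlet-mapping>; commented-out elements never reach the tree."""
    mappings: dict[str, list[str]] = {}
    for elem in ET.fromstring(web_xml_text).iter():
        if local_name(elem.tag) != "servlet-mapping":
            continue
        name, patterns = None, []
        for child in elem:
            if local_name(child.tag) == "servlet-name":
                name = (child.text or "").strip()
            elif local_name(child.tag) == "url-pattern":
                patterns.append((child.text or "").strip())
        if name and patterns:
            mappings.setdefault(name, []).extend(patterns)
    return mappings

def still_exposed(web_xml_text: str) -> dict[str, list[str]]:
    """Return only the vulnerable servlets that are still reachable through a URL pattern."""
    active = active_servlet_mappings(web_xml_text)
    return {n: active[n] for n in sorted(VULNERABLE_SERVLETS) if n in active}

if __name__ == "__main__":
    for name, patterns in still_exposed(SAMPLE_WEB_XML).items():
        print(f"still mapped: {name} -> {', '.join(patterns)}")
```

On the constructed sample the check reports xml_servlet and json_servlet as still mapped, so the workaround would be incomplete; an empty result means all four are disabled.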

Cybersecurity firm Tenable, which reported the bug on May 22, 2024, has since released a proof-of-concept (PoC) exploit for the flaw.

“A jobID provided by the user is utilized to shape the WHERE condition in an SQL query,” it expressed. “An anonymous remote attacker can conduct SQLi through the JOBID parameter in different URL endpoints of the workflow web application.”
