CVE-2024-5276: SQL Injection Vulnerability in FileCatalyst Workflow 5.1.6 Build 135 (and earlier)
First published: Tue Jun 25 2024(Updated: )
A SQL Injection vulnerability in Fortra FileCatalyst Workflow allows an attacker to modify application data. Likely impacts include creation of administrative users and deletion or modification of data in the application database. Data exfiltration via SQL injection is not possible using this vulnerability. Successful unauthenticated exploitation requires a Workflow system with anonymous access enabled, otherwise an authenticated user is required. This issue affects all versions of FileCatalyst Workflow from 5.1.6 Build 135 and earlier.
Credit: df4dee71-de3a-4139-9588-11b62fe6c0ff
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Fortra FileCatalyst Workflow | >5.1.6 | |
| Fortra FileCatalyst Workflow | <5.1.6 | |
| Fortra FileCatalyst Workflow | =5.1.6 | |
| Fortra FileCatalyst Workflow | =5.1.6-build112 | |
| Fortra FileCatalyst Workflow | =5.1.6-build114 | |
| Fortra FileCatalyst Workflow | =5.1.6-build126 | |
| Fortra FileCatalyst Workflow | =5.1.6-build130 | |
| Fortra FileCatalyst Workflow | =5.1.6-build135 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://support.fortra.com/filecatalyst/kb-articles/advisory-6-24-2024-filecatalyst-workflow-sql-injection-vulnerability-YmYwYWY4OTYtNTUzMi1lZjExLTg0MGEtNjA0NWJkMDg3MDA0
- https://www.fortra.com/security/advisory/fi-2024-008
- https://www.tenable.com/security/research/tra-2024-25
- https://www.bleepingcomputer.com/news/security/exploit-for-critical-fortra-filecatalyst-workflow-sqli-flaw-released/
Frequently Asked Questions
What is the severity of CVE-2024-5276?
CVE-2024-5276 is classified as a significant SQL Injection vulnerability that allows attackers to modify application data in Fortra FileCatalyst Workflow.
How do I fix CVE-2024-5276?
To fix CVE-2024-5276, it's recommended to apply patches or updates provided by Fortra for vulnerable versions of FileCatalyst Workflow.
Which versions of Fortra FileCatalyst Workflow are affected by CVE-2024-5276?
CVE-2024-5276 affects Fortra FileCatalyst Workflow version 5.1.6 and earlier.
What are the potential impacts of CVE-2024-5276?
The potential impacts of CVE-2024-5276 include unauthorized creation of administrative users and the deletion or modification of data within the application database.
Can data exfiltration occur due to CVE-2024-5276?
Data exfiltration via SQL injection is not possible with CVE-2024-5276, focusing mainly on modification of existing data.
- agent/weakness
- agent/title
- agent/type
- agent/first-publish-date
- agent/description
- agent/author
- collector/bleeping-computer
- source/BleepingComputer
- alias/CVE-2024-5276
- alias/CVE-2023-0669
- agent/references
- collector/epss-latest
- source/FIRST
- agent/epss
- collector/mitre-cve
- source/MITRE
- agent/trending
- agent/source
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-api
- source/NVD
- agent/severity
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- agent/event
- vendor/fortra
- canonical/fortra filecatalyst workflow
- version/fortra filecatalyst workflow/5.1.6
- version/fortra filecatalyst workflow/5.1.6-build112
- version/fortra filecatalyst workflow/5.1.6-build114
- version/fortra filecatalyst workflow/5.1.6-build126
- version/fortra filecatalyst workflow/5.1.6-build130
- version/fortra filecatalyst workflow/5.1.6-build135