A critical security flaw has been disclosed in Fortra FileCatalyst Workflow that, if left unpatched, could allow an attacker to tamper with the application database.
Tracked as CVE-2024-5276, the vulnerability carries a CVSS score of 9.8. It affects FileCatalyst Workflow versions 5.1.6 Build 135 and earlier. It has been addressed in version 5.1.6 build 139.
“An SQL injection vulnerability in Fortra FileCatalyst Workflow allows an attacker to modify application data,” Fortra said in an advisory published Tuesday. “Likely impacts include creation of administrative users and deletion or modification of data in the application database.”
It also emphasized that successful unauthenticated exploitation requires a Workflow system with anonymous access enabled. Alternatively, it can be abused by an authenticated user.
Users who cannot apply the patches immediately can disable the vulnerable servlets – csv_servlet, pdf_servlet, xml_servlet, and json_servlet – in the “web.xml” file located in the Apache Tomcat installation directory as a temporary workaround.
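One way to confirm the workaround took effect, as an added example that is not code from Fortra or Tenable: the script below parses a web.xml deployment descriptor and reports which of the four named servlets are still declared or mapped. Only the four servlet names come from the advisory; the sample descriptor, its class names and its URL patterns are constructed placeholders, and the standard Java servlet descriptor layout is assumed.

```python
import xml.etree.ElementTree as ET

# Servlet names listed in the advisory's temporary workaround.
VULNERABLE_SERVLETS = {"csv_servlet", "pdf_servlet", "xml_servlet", "json_servlet"}

# Constructed sample descriptor: class names and URL patterns are placeholders.
SAMPLE_WEB_XML = """<web-app xmlns="http://java.sun.com/xml/ns/javaee" version="3.0">
  <!-- disabled per workaround
  <servlet-mapping>
    <servlet-name>csv_servlet</servlet-name>
    <url-pattern>/placeholder/csv</url-pattern>
  </servlet-mapping>
  -->
  <servlet>
    <servlet-name>pdf_servlet</servlet-name>
    <servlet-class>example.placeholder.PdfServlet</servlet-class>
  </servlet>
  <servlet-mapping>
    <servlet-name>pdf_servlet</servlet-name>
    <url-pattern>/placeholder/pdf</url-pattern>
  </servlet-mapping>
</web-app>"""


def local(tag):
    """Drop the XML namespace so javaee and jakarta descriptors parse alike."""
    return tag.rsplit("}", 1)[-1]


def active_vulnerable_servlets(web_xml_text):
    """Map each listed servlet that is still declared or mapped to its URL patterns."""
    # ElementTree discards XML comments, so commented-out blocks are not seen here.
    root = ET.fromstring(web_xml_text)
    found = {}
    for elem in root.iter():
        if local(elem.tag) not in ("servlet", "servlet-mapping"):
            continue
        fields = [(local(c.tag), (c.text or "").strip()) for c in elem]
        names = [v for t, v in fields if t == "servlet-name"]
        if names and names[0] in VULNERABLE_SERVLETS:
            patterns = [v for t, v in fields if t == "url-pattern"]
            found.setdefault(names[0], []).extend(patterns)
    return found


if __name__ == "__main__":
    for name, patterns in active_vulnerable_servlets(SAMPLE_WEB_XML).items():
        print(f"still enabled: {name} -> {patterns or 'declared, no mapping'}")
```

An empty result means none of the four servlets is active in the descriptor that was checked; Tomcat must be restarted or the application reloaded before an edited web.xml takes effect.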
Cybersecurity firm Tenable, which reported the flaw on May 22, 2024, has since released a proof-of-concept (PoC) exploit for the flaw.
“A user-supplied jobID is used to form the WHERE clause in an SQL query,” it said. “An anonymous remote attacker can perform SQLi via the JOBID parameter in various URL endpoints of the workflow web application.”