Vulnerabilites related to fortra - filecatalyst_workflow
CVE-2024-5276 (GCVE-0-2024-5276)
Vulnerability from cvelistv5
Published
2024-06-25 19:13
Modified
2024-08-01 21:11
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
A SQL Injection vulnerability in Fortra FileCatalyst Workflow allows an attacker to modify application data. Likely impacts include creation of administrative users and deletion or modification of data in the application database. Data exfiltration via SQL injection is not possible using this vulnerability. Successful unauthenticated exploitation requires a Workflow system with anonymous access enabled, otherwise an authenticated user is required. This issue affects all versions of FileCatalyst Workflow from 5.1.6 Build 135 and earlier.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortra | FileCatalyst Workflow |
Version: 5.1.6; 0 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:fortra:filecatalyst:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "filecatalyst",
"vendor": "fortra",
"versions": [
{
"status": "affected",
"version": "5.1.6; 0"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5276",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-27T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-28T03:55:12.770Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:11:12.427Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://support.fortra.com/filecatalyst/kb-articles/advisory-6-24-2024-filecatalyst-workflow-sql-injection-vulnerability-YmYwYWY4OTYtNTUzMi1lZjExLTg0MGEtNjA0NWJkMDg3MDA0"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.fortra.com/security/advisory/fi-2024-008"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2024-25"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"Workflow"
],
"product": "FileCatalyst Workflow",
"vendor": "Fortra",
"versions": [
{
"status": "affected",
"version": "5.1.6; 0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Tenable Research"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A SQL Injection vulnerability in Fortra FileCatalyst Workflow allows an attacker to modify application data.\u0026nbsp; Likely impacts include creation of administrative users and deletion or modification of data in the application database. Data exfiltration via SQL injection is not possible using this vulnerability. Successful unauthenticated exploitation requires a Workflow system with anonymous access enabled, otherwise an authenticated user is required.\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThis issue affects all versions of FileCatalyst Workflow from 5.1.6 Build 135 and earlier.\u003c/span\u003e\n\n"
}
],
"value": "A SQL Injection vulnerability in Fortra FileCatalyst Workflow allows an attacker to modify application data.\u00a0 Likely impacts include creation of administrative users and deletion or modification of data in the application database. Data exfiltration via SQL injection is not possible using this vulnerability. Successful unauthenticated exploitation requires a Workflow system with anonymous access enabled, otherwise an authenticated user is required.\u00a0This issue affects all versions of FileCatalyst Workflow from 5.1.6 Build 135 and earlier."
}
],
"impacts": [
{
"capecId": "CAPEC-66",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-66 SQL Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-25T19:13:54.585Z",
"orgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
"shortName": "Fortra"
},
"references": [
{
"url": "https://support.fortra.com/filecatalyst/kb-articles/advisory-6-24-2024-filecatalyst-workflow-sql-injection-vulnerability-YmYwYWY4OTYtNTUzMi1lZjExLTg0MGEtNjA0NWJkMDg3MDA0"
},
{
"url": "https://www.fortra.com/security/advisory/fi-2024-008"
},
{
"url": "https://www.tenable.com/security/research/tra-2024-25"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "SQL Injection Vulnerability in FileCatalyst Workflow 5.1.6 Build 135 (and earlier)",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
"assignerShortName": "Fortra",
"cveId": "CVE-2024-5276",
"datePublished": "2024-06-25T19:13:54.585Z",
"dateReserved": "2024-05-23T16:28:47.722Z",
"dateUpdated": "2024-08-01T21:11:12.427Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-6632 (GCVE-0-2024-6632)
Vulnerability from cvelistv5
Published
2024-08-27 14:12
Modified
2024-08-29 03:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Summary
A vulnerability exists in FileCatalyst Workflow whereby a field accessible to the super admin can be used to perform an SQL injection attack which can lead to a loss of confidentiality, integrity, and availability.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortra | FileCatalyst Workflow |
Version: 5.0.4 ≤ 5.1.6 Build 139 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:fortra:filecatalyst_workflow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "filecatalyst_workflow",
"vendor": "fortra",
"versions": [
{
"lessThanOrEqual": "5.1.6",
"status": "affected",
"version": "5.0.4",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-6632",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-28T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-29T03:55:31.502Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "FileCatalyst Workflow",
"vendor": "Fortra",
"versions": [
{
"lessThanOrEqual": "5.1.6 Build 139",
"status": "affected",
"version": "5.0.4",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dynatrace Security Research"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cdiv\u003eA vulnerability exists in FileCatalyst Workflow whereby a field accessible to the super admin can be used to perform an SQL injection attack which can lead to a loss of confidentiality, integrity, and availability.\u003c/div\u003e\u003c/div\u003e"
}
],
"value": "A vulnerability exists in FileCatalyst Workflow whereby a field accessible to the super admin can be used to perform an SQL injection attack which can lead to a loss of confidentiality, integrity, and availability."
}
],
"impacts": [
{
"capecId": "CAPEC-66",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-66 SQL Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-27T14:12:12.272Z",
"orgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
"shortName": "Fortra"
},
"references": [
{
"url": "https://www.fortra.com/security/advisories/product-security/fi-2024-010"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade to FileCatalyst Workflow 5.1.7 or later."
}
],
"value": "Upgrade to FileCatalyst Workflow 5.1.7 or later."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "SQL Injection in FileCatalyst Workflow 5.1.6 Build 139 (and earlier)",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
"assignerShortName": "Fortra",
"cveId": "CVE-2024-6632",
"datePublished": "2024-08-27T14:12:12.272Z",
"dateReserved": "2024-07-09T20:01:49.676Z",
"dateUpdated": "2024-08-29T03:55:31.502Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-25153 (GCVE-0-2024-25153)
Vulnerability from cvelistv5
Published
2024-03-13 14:10
Modified
2024-08-01 23:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-472 - External Control of Assumed-Immutable Web Parameter
Summary
A directory traversal within the ‘ftpservlet’ of the FileCatalyst Workflow Web Portal allows files to be uploaded outside of the intended ‘uploadtemp’ directory with a specially crafted POST request. In situations where a file is successfully uploaded to web portal’s DocumentRoot, specially crafted JSP files could be used to execute code, including web shells.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortra | FileCatalyst |
Version: 5.1.4 < 5.1.6 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:fortra:filecatalyst:5.1.4:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "filecatalyst",
"vendor": "fortra",
"versions": [
{
"lessThan": "5.1.6",
"status": "affected",
"version": "5.1.4",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-25153",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-12T04:00:26.438198Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-15T18:43:25.673Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:36:21.630Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.fortra.com/security/advisory/fi-2024-002"
},
{
"tags": [
"x_transferred"
],
"url": "https://filecatalyst.software/public/filecatalyst/Workflow/5.1.6.114/fcweb_releasenotes.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"modules": [
"Workflow"
],
"product": "FileCatalyst",
"vendor": "Fortra",
"versions": [
{
"changes": [
{
"at": "Build 114",
"status": "unaffected"
}
],
"lessThan": "5.1.6",
"status": "affected",
"version": "5.1.4",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Tom Wedgbury, LRQA Nettitude"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A directory traversal within the \u2018ftpservlet\u2019 of the FileCatalyst Workflow Web Portal allows files to be uploaded outside of the intended \u2018uploadtemp\u2019 directory with a specially crafted POST request. In situations where a file is successfully uploaded to web portal\u2019s DocumentRoot, specially crafted JSP files could be used to execute code, including web shells."
}
],
"value": "A directory traversal within the \u2018ftpservlet\u2019 of the FileCatalyst Workflow Web Portal allows files to be uploaded outside of the intended \u2018uploadtemp\u2019 directory with a specially crafted POST request. In situations where a file is successfully uploaded to web portal\u2019s DocumentRoot, specially crafted JSP files could be used to execute code, including web shells."
}
],
"impacts": [
{
"capecId": "CAPEC-650",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-650 Upload a Web Shell to a Web Server"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-472",
"description": "CWE-472 External Control of Assumed-Immutable Web Parameter",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-13T14:10:36.029Z",
"orgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
"shortName": "Fortra"
},
"references": [
{
"url": "https://www.fortra.com/security/advisory/fi-2024-002"
},
{
"url": "https://filecatalyst.software/public/filecatalyst/Workflow/5.1.6.114/fcweb_releasenotes.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade to FileCatalyst 5.1.6 Build 114 or later to remediate this issue."
}
],
"value": "Upgrade to FileCatalyst 5.1.6 Build 114 or later to remediate this issue."
}
],
"source": {
"discovery": "UNKNOWN"
},
"timeline": [
{
"lang": "en",
"time": "2023-08-07T07:00:00.000Z",
"value": "Discovered"
},
{
"lang": "en",
"time": "2023-08-09T07:00:00.000Z",
"value": "Vendor Informed"
},
{
"lang": "en",
"time": "2023-08-11T07:00:00.000Z",
"value": "Patch Released"
}
],
"title": "Remote Code Execution in FileCatalyst Workflow 5.x prior to 5.1.6 Build 114",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
"assignerShortName": "Fortra",
"cveId": "CVE-2024-25153",
"datePublished": "2024-03-13T14:10:36.029Z",
"dateReserved": "2024-02-06T21:23:57.924Z",
"dateUpdated": "2024-08-01T23:36:21.630Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-6633 (GCVE-0-2024-6633)
Vulnerability from cvelistv5
Published
2024-08-27 14:11
Modified
2025-08-29 20:21
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
The default credentials for the setup HSQL database (HSQLDB) for FileCatalyst Workflow are published in a vendor knowledgebase article. Misuse of these credentials could lead to a compromise of confidentiality, integrity, or availability of the software.
The HSQLDB is only included to facilitate installation, has been deprecated, and is not intended for production use per vendor guides. However, users who have not configured FileCatalyst Workflow to use an alternative database per recommendations are vulnerable to attack from any source that can reach the HSQLDB.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Fortra | FileCatalyst Workflow |
Version: 5.0.4 ≤ 5.1.6 Build 139 |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:fortra:filecatalyst_workflow:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "filecatalyst_workflow",
"vendor": "fortra",
"versions": [
{
"lessThanOrEqual": "5.1.6.139",
"status": "affected",
"version": "5.0.4",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-6633",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-28T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-29T03:55:32.406Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "FileCatalyst Workflow",
"vendor": "Fortra",
"versions": [
{
"lessThanOrEqual": "5.1.6 Build 139",
"status": "affected",
"version": "5.0.4",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Tenable Research"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eThe default credentials for the setup HSQL database (HSQLDB) for FileCatalyst Workflow are published in a vendor knowledgebase article. Misuse of these credentials could lead to a compromise of confidentiality, integrity, or availability of the software.\u003cbr\u003e\u003cbr\u003eThe HSQLDB is only included to facilitate installation, has been deprecated, and is not intended for production use per vendor guides. However, users who have not configured FileCatalyst Workflow to use an alternative database per recommendations are vulnerable to attack from any source that can reach the HSQLDB.\u003c/div\u003e"
}
],
"value": "The default credentials for the setup HSQL database (HSQLDB) for FileCatalyst Workflow are published in a vendor knowledgebase article. Misuse of these credentials could lead to a compromise of confidentiality, integrity, or availability of the software.\n\nThe HSQLDB is only included to facilitate installation, has been deprecated, and is not intended for production use per vendor guides. However, users who have not configured FileCatalyst Workflow to use an alternative database per recommendations are vulnerable to attack from any source that can reach the HSQLDB."
}
],
"impacts": [
{
"capecId": "CAPEC-70",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-70: Try Common or Default Usernames and Passwords"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "CWE-798 Use of Hard-coded Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-29T20:21:54.534Z",
"orgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
"shortName": "Fortra"
},
"references": [
{
"url": "https://www.fortra.com/security/advisories/product-security/fi-2024-011"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade to FileCatalyst Workflow 5.1.7 or later."
}
],
"value": "Upgrade to FileCatalyst Workflow 5.1.7 or later."
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Insecure Default in FileCatalyst Workflow 5.1.6 Build 139 (and earlier)",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
"assignerShortName": "Fortra",
"cveId": "CVE-2024-6633",
"datePublished": "2024-08-27T14:11:24.527Z",
"dateReserved": "2024-07-09T20:02:00.215Z",
"dateUpdated": "2025-08-29T20:21:54.534Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2024-06-25 20:15
Modified
2025-04-04 23:59
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Summary
A SQL Injection vulnerability in Fortra FileCatalyst Workflow allows an attacker to modify application data. Likely impacts include creation of administrative users and deletion or modification of data in the application database. Data exfiltration via SQL injection is not possible using this vulnerability. Successful unauthenticated exploitation requires a Workflow system with anonymous access enabled, otherwise an authenticated user is required. This issue affects all versions of FileCatalyst Workflow from 5.1.6 Build 135 and earlier.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortra | filecatalyst_workflow | * | |
| fortra | filecatalyst_workflow | 5.1.6 | |
| fortra | filecatalyst_workflow | 5.1.6 | |
| fortra | filecatalyst_workflow | 5.1.6 | |
| fortra | filecatalyst_workflow | 5.1.6 | |
| fortra | filecatalyst_workflow | 5.1.6 | |
| fortra | filecatalyst_workflow | 5.1.6 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortra:filecatalyst_workflow:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1C632AF0-F353-4C2D-B753-01AFE9FB823E",
"versionEndExcluding": "5.1.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortra:filecatalyst_workflow:5.1.6:-:*:*:*:*:*:*",
"matchCriteriaId": "A949B5C7-EF1E-4B86-BC17-96A760DC3A76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortra:filecatalyst_workflow:5.1.6:build112:*:*:*:*:*:*",
"matchCriteriaId": "1C338109-0CF4-4212-BF34-A3ECBEC7FDA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortra:filecatalyst_workflow:5.1.6:build114:*:*:*:*:*:*",
"matchCriteriaId": "D456C621-CB8F-4156-B17B-BCF6D4577D50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortra:filecatalyst_workflow:5.1.6:build126:*:*:*:*:*:*",
"matchCriteriaId": "0A5A4EF1-E857-4B2A-85AE-86E36BDA6719",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortra:filecatalyst_workflow:5.1.6:build130:*:*:*:*:*:*",
"matchCriteriaId": "0522BC87-832E-43AE-8F05-75F7209B1D4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortra:filecatalyst_workflow:5.1.6:build135:*:*:*:*:*:*",
"matchCriteriaId": "D02F4F65-9D40-47CC-B50B-46A9D208A549",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A SQL Injection vulnerability in Fortra FileCatalyst Workflow allows an attacker to modify application data.\u00a0 Likely impacts include creation of administrative users and deletion or modification of data in the application database. Data exfiltration via SQL injection is not possible using this vulnerability. Successful unauthenticated exploitation requires a Workflow system with anonymous access enabled, otherwise an authenticated user is required.\u00a0This issue affects all versions of FileCatalyst Workflow from 5.1.6 Build 135 and earlier."
},
{
"lang": "es",
"value": "Una vulnerabilidad de inyecci\u00f3n SQL en Fortra FileCatalyst Workflow permite a un atacante modificar los datos de la aplicaci\u00f3n. Los impactos probables incluyen la creaci\u00f3n de usuarios administrativos y la eliminaci\u00f3n o modificaci\u00f3n de datos en la base de datos de la aplicaci\u00f3n. La exfiltraci\u00f3n de datos mediante inyecci\u00f3n SQL no es posible gracias a esta vulnerabilidad. La explotaci\u00f3n exitosa sin autenticaci\u00f3n requiere un sistema de flujo de trabajo con acceso an\u00f3nimo habilitado; de lo contrario, se requiere un usuario autenticado. Este problema afecta a todas las versiones de FileCatalyst Workflow desde 5.1.6 Build 135 y anteriores."
}
],
"id": "CVE-2024-5276",
"lastModified": "2025-04-04T23:59:36.307",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-06-25T20:15:14.013",
"references": [
{
"source": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://support.fortra.com/filecatalyst/kb-articles/advisory-6-24-2024-filecatalyst-workflow-sql-injection-vulnerability-YmYwYWY4OTYtNTUzMi1lZjExLTg0MGEtNjA0NWJkMDg3MDA0"
},
{
"source": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
"tags": [
"Vendor Advisory"
],
"url": "https://www.fortra.com/security/advisory/fi-2024-008"
},
{
"source": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/research/tra-2024-25"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://support.fortra.com/filecatalyst/kb-articles/advisory-6-24-2024-filecatalyst-workflow-sql-injection-vulnerability-YmYwYWY4OTYtNTUzMi1lZjExLTg0MGEtNjA0NWJkMDg3MDA0"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.fortra.com/security/advisory/fi-2024-008"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/research/tra-2024-25"
}
],
"sourceIdentifier": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
},
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-08-27 15:15
Modified
2025-08-29 21:15
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
The default credentials for the setup HSQL database (HSQLDB) for FileCatalyst Workflow are published in a vendor knowledgebase article. Misuse of these credentials could lead to a compromise of confidentiality, integrity, or availability of the software.
The HSQLDB is only included to facilitate installation, has been deprecated, and is not intended for production use per vendor guides. However, users who have not configured FileCatalyst Workflow to use an alternative database per recommendations are vulnerable to attack from any source that can reach the HSQLDB.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortra | filecatalyst_workflow | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortra:filecatalyst_workflow:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CDAAF1B-D610-4238-8372-8A6DD3C2FC57",
"versionEndExcluding": "5.1.7",
"versionStartIncluding": "5.0.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The default credentials for the setup HSQL database (HSQLDB) for FileCatalyst Workflow are published in a vendor knowledgebase article. Misuse of these credentials could lead to a compromise of confidentiality, integrity, or availability of the software.\n\nThe HSQLDB is only included to facilitate installation, has been deprecated, and is not intended for production use per vendor guides. However, users who have not configured FileCatalyst Workflow to use an alternative database per recommendations are vulnerable to attack from any source that can reach the HSQLDB."
},
{
"lang": "es",
"value": "Las credenciales predeterminadas para la configuraci\u00f3n de la base de datos HSQL (HSQLDB) para FileCatalyst Workflow se publican en un art\u00edculo de la base de conocimientos del proveedor. El uso indebido de estas credenciales podr\u00eda comprometer la confidencialidad, la integridad o la disponibilidad del software. HSQLDB solo se incluye para facilitar la instalaci\u00f3n, ha quedado obsoleto y no est\u00e1 dise\u00f1ado para uso en producci\u00f3n seg\u00fan las gu\u00edas del proveedor. Sin embargo, los usuarios que no han configurado FileCatalyst Workflow para utilizar una base de datos alternativa seg\u00fan las recomendaciones son vulnerables a ataques desde cualquier fuente que pueda llegar a HSQLDB."
}
],
"id": "CVE-2024-6633",
"lastModified": "2025-08-29T21:15:35.107",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-08-27T15:15:17.513",
"references": [
{
"source": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
"tags": [
"Vendor Advisory"
],
"url": "https://www.fortra.com/security/advisories/product-security/fi-2024-011"
}
],
"sourceIdentifier": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
},
{
"lang": "en",
"value": "CWE-798"
}
],
"source": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-798"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-08-27 15:15
Modified
2024-08-30 14:07
Severity ?
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A vulnerability exists in FileCatalyst Workflow whereby a field accessible to the super admin can be used to perform an SQL injection attack which can lead to a loss of confidentiality, integrity, and availability.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortra | filecatalyst_workflow | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortra:filecatalyst_workflow:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6CDAAF1B-D610-4238-8372-8A6DD3C2FC57",
"versionEndExcluding": "5.1.7",
"versionStartIncluding": "5.0.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability exists in FileCatalyst Workflow whereby a field accessible to the super admin can be used to perform an SQL injection attack which can lead to a loss of confidentiality, integrity, and availability."
},
{
"lang": "es",
"value": "Existe una vulnerabilidad en FileCatalyst Workflow por la cual un campo al que puede acceder el superadministrador se puede utilizar para realizar un ataque de inyecci\u00f3n SQL que puede provocar una p\u00e9rdida de confidencialidad, integridad y disponibilidad."
}
],
"id": "CVE-2024-6632",
"lastModified": "2024-08-30T14:07:18.443",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-08-27T15:15:17.300",
"references": [
{
"source": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
"tags": [
"Vendor Advisory"
],
"url": "https://www.fortra.com/security/advisories/product-security/fi-2024-010"
}
],
"sourceIdentifier": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-03-13 15:15
Modified
2025-01-21 19:01
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
A directory traversal within the ‘ftpservlet’ of the FileCatalyst Workflow Web Portal allows files to be uploaded outside of the intended ‘uploadtemp’ directory with a specially crafted POST request. In situations where a file is successfully uploaded to web portal’s DocumentRoot, specially crafted JSP files could be used to execute code, including web shells.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| fortra | filecatalyst_workflow | * | |
| fortra | filecatalyst_workflow | 5.1.6 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:fortra:filecatalyst_workflow:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AC2A7572-B5E1-443B-A63D-FFC98EDD8224",
"versionEndExcluding": "5.1.6",
"versionStartIncluding": "5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:fortra:filecatalyst_workflow:5.1.6:build112:*:*:*:*:*:*",
"matchCriteriaId": "1C338109-0CF4-4212-BF34-A3ECBEC7FDA2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A directory traversal within the \u2018ftpservlet\u2019 of the FileCatalyst Workflow Web Portal allows files to be uploaded outside of the intended \u2018uploadtemp\u2019 directory with a specially crafted POST request. In situations where a file is successfully uploaded to web portal\u2019s DocumentRoot, specially crafted JSP files could be used to execute code, including web shells."
},
{
"lang": "es",
"value": "Un directory traversal dentro del \u0027ftpservlet\u0027 de FileCatalyst Workflow Web Portal permite cargar archivos fuera del directorio \u0027uploadtemp\u0027 previsto con una solicitud POST especialmente manipulada. En situaciones en las que un archivo se carga correctamente en DocumentRoot del portal web, se pueden utilizar archivos JSP especialmente manipulados para ejecutar c\u00f3digo, incluidos los shells web."
}
],
"id": "CVE-2024-25153",
"lastModified": "2025-01-21T19:01:46.487",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-03-13T15:15:50.913",
"references": [
{
"source": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
"tags": [
"Release Notes"
],
"url": "https://filecatalyst.software/public/filecatalyst/Workflow/5.1.6.114/fcweb_releasenotes.html"
},
{
"source": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
"tags": [
"Vendor Advisory"
],
"url": "https://www.fortra.com/security/advisory/fi-2024-002"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://filecatalyst.software/public/filecatalyst/Workflow/5.1.6.114/fcweb_releasenotes.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.fortra.com/security/advisory/fi-2024-002"
}
],
"sourceIdentifier": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-472"
}
],
"source": "df4dee71-de3a-4139-9588-11b62fe6c0ff",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-668"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}