Application security, Vulnerability Management
App database tampering likely with critical Fortra FileCatalyst Workflow bug

Vulnerable Fortra FileCatalyst Workflow instances affected by the already patched critical SQL injection flaw, tracked as CVE-2024-5276, could be targeted in attacks that create admin users and modify application data, according to The Hacker News.

Both authenticated and unauthenticated users could exploit the vulnerability, which affects FileCatalyst Workflow versions 5.1.6 Build 135 and earlier, although unauthenticated exploitation requires anonymous access to be enabled in the Workflow system, Fortra said in an advisory. Fortra urged immediate installation of the issued update but noted that disabling several impacted servlets in the "web.xml" file of the Apache Tomcat installation directory could also serve as a temporary fix.

The issue was identified and reported by Tenable in May. "A user-supplied jobID is used to form the WHERE clause in an SQL query. An anonymous remote attacker can perform SQLi via the JOBID parameter in various URL endpoints of the workflow web application," said Tenable.
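To illustrate the bug class Tenable describes (a request parameter spliced into a WHERE clause) next to its hardened form, here is an added example in Python against an in-memory SQLite table. It is not FileCatalyst Workflow's code (which runs on Java/Tomcat); the table, the job identifiers and the assumed numeric jobID format are constructed for the demonstration.

```python
import re
import sqlite3

# Constructed in-memory job table standing in for a workflow database.
# This is an illustrative model, not FileCatalyst Workflow's schema or code.
def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE jobs (job_id TEXT PRIMARY KEY, owner TEXT, status TEXT)")
    conn.executemany(
        "INSERT INTO jobs VALUES (?, ?, ?)",
        [("1001", "alice", "done"), ("1002", "bob", "running"), ("1003", "carol", "queued")],
    )
    return conn

def lookup_job_vulnerable(conn: sqlite3.Connection, job_id: str) -> list:
    # Anti-pattern the advisory describes: the request parameter is spliced
    # straight into the WHERE clause, so its content is parsed as SQL.
    query = f"SELECT job_id, owner, status FROM jobs WHERE job_id = '{job_id}'"
    return conn.execute(query).fetchall()

JOB_ID_RE = re.compile(r"[0-9]{1,12}")  # assumed format: numeric identifiers only

def lookup_job_safe(conn: sqlite3.Connection, job_id: str) -> list:
    # Hardened form: reject anything outside the expected shape, then bind the
    # value as a query parameter so the driver never interprets it as SQL.
    if not JOB_ID_RE.fullmatch(job_id):
        raise ValueError("jobID rejected: does not match expected format")
    query = "SELECT job_id, owner, status FROM jobs WHERE job_id = ?"
    return conn.execute(query, (job_id,)).fetchall()

def demo() -> dict:
    conn = make_db()
    benign = "1002"
    # Constructed tautology input: the vulnerable path returns every row,
    # which is the kind of anomaly request logs and WAF rules should flag.
    tampered = "x' OR '1'='1"
    results = {
        "vulnerable_benign": lookup_job_vulnerable(conn, benign),
        "vulnerable_tampered": lookup_job_vulnerable(conn, tampered),
        "safe_benign": lookup_job_safe(conn, benign),
    }
    try:
        lookup_job_safe(conn, tampered)
        results["safe_tampered"] = "accepted"
    except ValueError:
        results["safe_tampered"] = "rejected"
    return results

if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

Running `demo()` shows the concatenated query leaking all three rows for the tampered value, while the validated, parameterized lookup returns only the requested job and refuses the malformed identifier outright.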
SC Media's daily must-read of the most current and pressing daily news