A critical security flaw has been disclosed in Fortra FileCatalyst Workflow that, if left unpatched, could allow an attacker to tamper with the application database.
Tracked as CVE-2024-5276, the vulnerability carries a CVSS score of 9.8. It impacts FileCatalyst Workflow versions 5.1.6 Build 135 and earlier. It has been addressed in version 5.1.6 build 139.
“An SQL injection vulnerability in Fortra FileCatalyst Workflow permits an attacker to modify application data,” Fortra said in an advisory published Tuesday. “Possible impacts include creation of administrative users and deletion or modification of data in the application database.”
It also emphasized that successful unauthenticated exploitation requires a Workflow system with anonymous access enabled. Alternatively, it can also be abused by an authenticated user.
Users who cannot apply the patches immediately can disable the vulnerable servlets – csv_servlet, pdf_servlet, xml_servlet, and json_servlet – in the “web.xml” file located in the Apache Tomcat installation directory as temporary workarounds.
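To confirm the workaround actually took effect, the following added example (not code from Fortra or Tenable) parses a web.xml and reports which of the four servlets named in the advisory are still declared or mapped. It assumes the `servlet-name` values in the deployment descriptor match the names given in the advisory; the sample descriptor, class name and URL patterns are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Servlet names as listed in the advisory's workaround.
VULNERABLE = {"csv_servlet", "pdf_servlet", "xml_servlet", "json_servlet"}

# Constructed sample descriptor: csv_servlet still active, pdf_servlet commented out.
SAMPLE = """<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee" version="3.1">
  <servlet><servlet-name>csv_servlet</servlet-name>
    <servlet-class>example.CsvServlet</servlet-class></servlet>
  <servlet-mapping><servlet-name>csv_servlet</servlet-name>
    <url-pattern>/csv/*</url-pattern></servlet-mapping>
  <!-- disabled per advisory
  <servlet-mapping><servlet-name>pdf_servlet</servlet-name>
    <url-pattern>/pdf/*</url-pattern></servlet-mapping>
  -->
  <servlet-mapping><servlet-name>login_servlet</servlet-name>
    <url-pattern>/login</url-pattern></servlet-mapping>
</web-app>"""

def _local(tag):
    """Strip the XML namespace so the check works across web.xml schema versions."""
    return tag.rsplit("}", 1)[-1]

def active_vulnerable_servlets(web_xml_text):
    """Return {servlet_name: [url patterns]} for advisory-listed servlets that are
    still declared or mapped. Commented-out elements are dropped by the parser."""
    root = ET.fromstring(web_xml_text)
    found = {}
    for elem in root.iter():
        if _local(elem.tag) not in ("servlet", "servlet-mapping"):
            continue
        name, patterns = None, []
        for child in elem:
            if _local(child.tag) == "servlet-name":
                name = (child.text or "").strip()
            elif _local(child.tag) == "url-pattern":
                patterns.append((child.text or "").strip())
        if name in VULNERABLE:
            found.setdefault(name, []).extend(patterns)
    return found

if __name__ == "__main__":
    remaining = active_vulnerable_servlets(SAMPLE)
    for name, patterns in sorted(remaining.items()):
        print(f"STILL ENABLED: {name} -> {patterns or 'declared, no mapping'}")
    if not remaining:
        print("All advisory-listed servlets are disabled.")
```

An empty result means none of the four servlets remain in the descriptor; Tomcat must still be restarted or the application reloaded for a web.xml change to apply.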
Cybersecurity firm Tenable, which reported the flaw on May 22, 2024, has since released a proof-of-concept (PoC) exploit for the flaw.
“A user-supplied jobID is used to form the WHERE clause in an SQL query,” it said. “An anonymous remote attacker can perform SQLi via the JOBID parameter in various URL endpoints of the workflow web application.”