Fortra has issued a critical security advisory for a hard-coded password vulnerability in its FileCatalyst software, specifically affecting the TransferAgent component. This flaw, identified as CVE-2024-5275, poses a significant risk as it could be exploited in machine-in-the-middle (MiTM) attacks. The vulnerability arises from a hard-coded password that can be used to unlock the keystore containing sensitive information, such as private keys for certificates, making it a severe security concern.
The flaw impacts all versions of FileCatalyst Direct up to and including 3.8.10 Build 138 and all versions of FileCatalyst Workflow up to and including 5.1.6 Build 130. If exploited, attackers could intercept and manipulate data, compromising the confidentiality, integrity, and availability of the affected systems. The vulnerability has been assigned a high severity rating with a CVSS v3.1 score of 7.8, underscoring the critical nature of the issue.
To mitigate the risk, Fortra recommends that users upgrade to FileCatalyst Direct version 3.8.10 Build 144 or higher and FileCatalyst Workflow version 5.1.6 Build 133 or later. For those using the FileCatalyst TransferAgent remotely, it’s advised to update REST calls to “http” or generate a new SSL key if “https” is necessary. Fortra has also published detailed guidance on these updates in a knowledge article.
This vulnerability highlights the importance of regular software updates and diligent security practices. Users are urged to follow Fortra’s recommendations promptly to protect their systems from potential exploits and ensure their data remains secure.
Reference:
