Fortra Latest Vulnerabilities

October 9

Fortra's RSEA Vulnerability Exposes FTP Credentials

CVE-2024-8264
FortraRobot Schedule5.5MEDIUM

August 27

SQL Injection Vulnerability in FileCatalyst Workflow

CVE-2024-6632
FortraFilecatalyst Workflow7.2HIGH

Vulnerability in HSQLDB Could Lead to Compromise of Confidentiality, Integrity, or Availability of FileCatalyst Workflow

CVE-2024-6633
FortraFilecatalyst Workflow9.8CRITICAL

August 14

Unauthorized Information Disclosure or Modification Vulnerability in GoAnywhere MFT Prior to 7.6.0

CVE-2024-25157
FortraGoanywhere Mft6.5MEDIUM

June 25

SQL Injection Vulnerability in FileCatalyst Workflow Allows Modification of Application Data

CVE-2024-5276
FortraFilecatalyst Workflow๐Ÿ‘พ9.8CRITICAL

June 18

Hard-coded Password Vulnerability in FileCatalyst TransferAgent Could Lead to MiTM Attacks

CVE-2024-5275
FortraFilecatalyst Direct7.8HIGH

June 3

UnAuthenticated Bypass Vulnerability in Tripwire Enterprise 9.1.0

CVE-2024-4332
FortraTripwire Enterprise

March 28

Low-Privileged User Can Elevate Privileges Through Service Executable Overwrite

CVE-2024-0259
FortraRobot Schedule Enterpr...7.3HIGH

March 14

Path Traversal Vulnerability in GoAnywhere MFT

CVE-2024-25156
FortraGoanywhere Mft6.5MEDIUM

March 13

Arbitrary Code Execution Vulnerability in FileCatalyst Web Server

CVE-2024-25155
FortraFilecatalyst7.2HIGH

Path Traversal Vulnerability in FileCatalyst Direct Could Lead to Data Leakage

CVE-2024-25154
FortraFilecatalyst5.3MEDIUM

Directory Traversal Vulnerability in FileCatalyst Workflow Web Portal Allows File Upload Outside Intended Directory

CVE-2024-25153
FortraFilecatalyst๐Ÿ‘พ9.8CRITICAL

January 22

Unauthorized Access to Admin User Accounts via Administration Portal

CVE-2024-0204
FortraGoAnywhere MFT๐Ÿ˜„๐Ÿ‘พ9.8CRITICAL

November 22

Saved Uninstall Key in Digital Guardian Agent Uninstaller

CVE-2023-6253
FortraDigital Guardian Agent 6MEDIUM

September 19

CVE-2021-26837
FortraDelivernow9.8CRITICAL

June 22

Fortra Globalscape Administration Server Information Disclosure

CVE-2023-2991
FortraGlobalscape Eft5.3MEDIUM

Fortra Globalscape Administration Server Denial of Service

CVE-2023-2990
FortraGlobalscape Eft7.5HIGH

Fortra Globalscape Administration Server Out of Bounds Memory Read

CVE-2023-2989
FortraGlobalscape Eft9.1CRITICAL

February 6

GoAnywhere MFT suffers from pre-authentication command injection vulnerability

CVE-2023-0669
FortraGoanywhere MFT๐Ÿ‘พ7.2HIGH