Hard-coded Password Vulnerability in FileCatalyst TransferAgent Could Lead to MiTM Attacks
CVE-2024-5275

7.8HIGH

Key Information:

Vendor: Fortra
Status: Filecatalyst Direct; Filecatalyst Workflow
Vendor: CVE Published:; 18 June 2024

Summary

The vulnerability arises from a hard-coded password embedded in the FileCatalyst TransferAgent, which provides a potential pathway for unauthorized users to access sensitive keystore contents, such as private keys for certificates. This flaw permits attackers to exploit the agent, enabling man-in-the-middle (MiTM) attack scenarios that could compromise the confidentiality and integrity of data being transferred. All versions of FileCatalyst Direct prior to 3.8.10 Build 138 and FileCatalyst Workflow prior to 5.1.6 Build 130 are affected, necessitating immediate mitigation actions by users to secure their environments.

Affected Version(s)

FileCatalyst Direct 3.7 <= 3.8.10.138

FileCatalyst Workflow 4.9.8 <= 5.1.6.130

References

https://www.fortra.com/security/advisory/fi-2024-007

vendor-advisory

https://support.fortra.com/filecatalyst/kb-articles/actio...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 18, 2024
Vulnerability Reserved
May 23, 2024

Credit

Greg at Palmer Research