Hard-coded Password Vulnerability in FileCatalyst TransferAgent Could Lead to MiTM Attacks
CVE-2024-5275
Key Information:
- Vendor: Fortra
- CVE Published: 18 June 2024
What is CVE-2024-5275?
The vulnerability arises from a hard-coded password embedded in the FileCatalyst TransferAgent, which gives unauthorized users a potential pathway to sensitive keystore contents, such as private keys for certificates. This flaw lets attackers exploit the agent to mount man-in-the-middle (MiTM) attacks that could compromise the confidentiality and integrity of data being transferred. All versions of FileCatalyst Direct prior to 3.8.10 Build 138 and FileCatalyst Workflow prior to 5.1.6 Build 130 are affected, so users of those versions need to take immediate mitigation action to secure their environments.
Affected Version(s)
FileCatalyst Direct 3.7 <= 3.8.10.138
FileCatalyst Workflow 4.9.8 <= 5.1.6.130