A PoC exploit for the SQL Injection vulnerability CVE-2024-5276 in Fortra FileCatalyst Workflow has been released, affecting versions up to 5.1.6 Build 135.
CVE-2024-5276
The SQL Injection vulnerability, discovered on June 18, 2024, is classified under CWE-20 and CWE-89, indicating improper input validation and failure to neutralize special elements in SQL commands.
The vulnerability has a critical CVSS v3.1 score of 9.8 (CVSS:3.1/AV/AC/PR/UI/S/C/I/A).
This attack targets software that constructs SQL statements from user input. An attacker can craft input strings that cause the resulting SQL statements to perform unintended actions. The vulnerability arises from the application’s failure to properly validate input.
This vulnerability could potentially allow attackers to create administrative users and modify or delete data within the application database. However, it does not facilitate data exfiltration via SQL injection.
Successful exploitation of this vulnerability requires unauthenticated access to a Workflow system with anonymous access enabled; otherwise, an authenticated user is necessary.
The vulnerability impacts all versions of FileCatalyst Workflow prior to 5.1.6 Build 135.
Users of affected versions are strongly advised to update to the latest version as soon as a patch becomes available.
Fortra has not yet released an official patch, so users should regularly check the vendor’s advisories for updates.
The recent release of a Proof-of-Concept (PoC) exploit for this critical SQL Injection vulnerability underscores the urgency of applying timely updates and maintaining robust security practices.
Organizations using FileCatalyst Workflow should prioritize securing their systems against potential exploitation.
Follow Us on: Twitter, Instagram, Facebook to get the latest security news!
Leave A Comment