CVE-2024-5275

Hard-coded password in FileCatalyst Direct 3.8.10 Build 138 TransferAgent (and earlier) and FileCatalyst Workflow 5.1.6 Build 130 (and earlier)

Severity Score

7.8

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track*

*SSVC

Descriptions

A hard-coded password in the FileCatalyst TransferAgent can be found which can be used to unlock the keystore from which contents may be read out, for example, the private key for certificates. Exploit of this vulnerability could lead to a machine-in-the-middle (MiTM) attack against users of the agent. This issue affects all versions of FileCatalyst Direct from 3.8.10 Build 138 and earlier and all versions of FileCatalyst Workflow from 5.1.6 Build 130 and earlier.

Se puede encontrar una contraseña codificada en FileCatalyst TransferAgent que se puede usar para desbloquear el almacén de claves desde el cual se pueden leer los contenidos, por ejemplo, la clave privada para los certificados. La explotación de esta vulnerabilidad podría dar lugar a un ataque de máquina intermedia (MiTM) contra los usuarios del agente. Este problema afecta a todas las versiones de FileCatalyst Direct desde 3.8.10 Build 138 y anteriores y a todas las versiones de FileCatalyst Workflow desde 5.1.6 Build 130 y anteriores.

*Credits: Greg at Palmer Research

CVSS Scores

Fortrav3.1 7.8

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

* Common Vulnerability Scoring System

SSVC

Decision:Track*

Exploitation

None

Automatable

Tech. Impact

Total

* Organization's Worst-case Scenario

Timeline

2024-05-23 CVE Reserved
2024-06-18 CVE Published
2024-06-19 EPSS Updated
2024-08-01 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-259: Use of Hard-coded Password

CAPEC

CAPEC-191: Read Sensitive Constants Within an Executable

References (2)

URL	Tag	Source
https://support.fortra.com/filecatalyst/kb-articles/action-required-by-june-18th-2024-filecatalyst-transferagent-ssl-and-localhost-changes-MWQwYjI3ZGItZmQyMS1lZjExLTg0MGItMDAyMjQ4MGE0MDNm

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://www.fortra.com/security/advisory/fi-2024-007	2024-06-20

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Fortra Search vendor "Fortra"		FileCatalyst Direct Search vendor "Fortra" for product "FileCatalyst Direct"				>= 3.7.0.0 <= 3.8.10.138 Search vendor "Fortra" for product "FileCatalyst Direct" and version " >= 3.7.0.0 <= 3.8.10.138"		en		Affected
Fortra Search vendor "Fortra"		FileCatalyst Workflow Search vendor "Fortra" for product "FileCatalyst Workflow"				>= 4.9.8.0 <= 5.1.6.130 Search vendor "Fortra" for product "FileCatalyst Workflow" and version " >= 4.9.8.0 <= 5.1.6.130"		en		Affected