August 30, 2024 at 07:24AM Fortra announced patches for critical vulnerabilities in FileCatalyst Workflow, including a flaw involving leaked credentials (CVE-2024-6633) and a high-severity SQL injection issue (CVE-2024-6632). These vulnerabilities could grant an attacker remote access and perform dangerous operations. The company advises customers to update to FileCatalyst Workflow version 5.1.7 build 156 to mitigate … Read more
August 28, 2024 at 01:06PM Fortra has issued a warning about a serious hardcoded password vulnerability in FileCatalyst Workflow. This flaw has the potential to enable unauthorized access to an internal database, leading to data theft and the acquisition of administrator privileges. Based on the meeting notes, it seems that Fortra is alerting about a … Read more
August 28, 2024 at 12:51PM Fortra has patched a critical security flaw in FileCatalyst Workflow (CVE-2024-6633) that could give remote attackers admin access via HSQL database. Tenable discovered flaws, one allowing SQL injection (CVE-2024-6632). Responsible disclosure led to patch release in version 5.1.7, fixing both vulnerabilities. Follow us on Twitter and LinkedIn for more exclusive … Read more
June 27, 2024 at 03:36AM A critical security flaw, tracked as CVE-2024-5276, has been disclosed in Fortra FileCatalyst Workflow, allowing attackers to tamper with the application database. The vulnerability, with a CVSS score of 9.8, impacts versions 5.1.6 Build 135 and earlier, but has been addressed in version 5.1.6 build 139. Tenable released a proof-of-concept … Read more