CVE-2024-5276

CRITICAL

CVSS v3

9.1

CRITICAL

EPSS Score

85.4%

exploit probability

CISA KEV

No

known exploited

Exploitation

SSVC status

Description

A SQL Injection vulnerability in Fortra FileCatalyst Workflow allows an attacker to modify application data.  Likely impacts include creation of administrative users and deletion or modification of data in the application database. Data exfiltration via SQL injection is not possible using this vulnerability. Successful unauthenticated exploitation requires a Workflow system with anonymous access enabled, otherwise an authenticated user is required. This issue affects all versions of FileCatalyst Workflow from 5.1.6 Build 135 and earlier.

Technical Details

Published
6/25/2024

Frequently Asked Questions

What is CVE-2024-5276?

A SQL Injection vulnerability in Fortra FileCatalyst Workflow allows an attacker to modify application data.  Likely impacts include creation of administrative users and deletion or modification of data in the application database. Data exfiltration via SQL injection is not possible using this vulnerability. Successful unauthenticated exploitation requires a Workflow system with anonymous access enabled, otherwise an authenticated user is required. This issue affects all versions of FileCatalyst Workflow from 5.1.6 Build 135 and earlier.

Is CVE-2024-5276 actively exploited?

Active exploitation of CVE-2024-5276 has not been confirmed. The EPSS score is 85.4%, indicating the estimated probability of exploitation in the next 30 days.

What is the CVSS score for CVE-2024-5276?

CVE-2024-5276 has a CVSS v3 base score of 9.1 (CRITICAL severity).

Is CVE-2024-5276 affecting your environment?

Use isMalicious to check if any of your IPs or domains are associated with this vulnerability's IOCs.