Contact us

Solutions

Featured solutions AI Campus and branch Data center WAN Security Service provider Cloud operator Industries

Services

Services

Take me to HPE.com

HTTP: Fortra GoAnywhere MFT Authentication Bypass

This signature detects attempts to exploit a known vulnerability against Fortra GoAnywhere MFT. A successful attack can lead to security bypass.

Extended Description

Authentication bypass in Fortra's GoAnywhere MFT prior to 7.4.1 allows an unauthorized user to create an admin user via the administration portal.

Affected Products

Fortra goanywhere_managed_file_transfer

References

CVE: CVE-2024-0204

URL: https://www.fortra.com/security/advisory/fi-2024-001

Short Name

HTTP:CTS:GO-ANYWHERE-AUTHBY

Severity

Major

Recommended

True

Recommended Action

Drop

Category

HTTP

Keywords

Authentication Bypass CVE-2024-0204 Fortra GoAnywhere MFT

Release Date

01/30/2024

Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version

3674

False Positive

Unknown

Vendors

Fortra