HTTP: Fortra FileCatalyst Workflow JOBID SQL Injection
This signature detects attempts to exploit a known vulnerability against Fortra. A successful attack can lead to command injection and arbitrary code execution.
Extended Description
A SQL Injection vulnerability in Fortra FileCatalyst Workflow allows an attacker to modify application data. Likely impacts include creation of administrative users and deletion or modification of data in the application database. Data exfiltration via SQL injection is not possible using this vulnerability. Successful unauthenticated exploitation requires a Workflow system with anonymous access enabled, otherwise an authenticated user is required.This issue affects all versions of FileCatalyst Workflow from 5.1.6 Build 135 and earlier.
Affected Products
Fortra filecatalyst_workflow
Short Name
HTTP:SQL:INJ:FORTRA-FL-CATALYST
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2024-5276 FileCatalyst Fortra Injection JOBID SQL Workflow
Release Date
07/24/2024
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3797
False Positive
Unknown
Vendors
Fortra