Security News > 2024 > August > Fortra Issues Patch for High-Risk FileCatalyst Workflow Security Vulnerability
2024-08-28 16:14
Fortra has addressed a critical security flaw impacting FileCatalyst Workflow that could be abused by a remote attacker to gain administrative access. The vulnerability, tracked as CVE-2024-6633, carries a CVSS score of 9.8, and stems from the use of a static password to connect to a HSQL database. "The default credentials for the setup HSQL database (HSQLDB) for FileCatalyst Workflow are
News URL
https://thehackernews.com/2024/08/fortra-issues-patch-for-high-risk.html
Related news
- Patch Tuesday: January 2025 Security Update Patches Exploited Elevation of Privilege Attacks (source)
- 7-Zip fixes bug that bypasses Windows MoTW security warnings, patch now (source)
- Asus lets processor security fix slip out early, AMD confirms patch in progress (source)
- Zyxel CPE devices under attack via critical vulnerability without a patch (CVE-2024-40891) (source)
- Citrix Releases Security Fix for NetScaler Console Privilege Escalation Vulnerability (source)
- MITRE Caldera RCE vulnerability with public PoC fixed, patch ASAP! (CVE-2025–27364) (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-27 | CVE-2024-6633 | Use of Hard-coded Credentials vulnerability in Fortra Filecatalyst Workflow The default credentials for the setup HSQL database (HSQLDB) for FileCatalyst Workflow are published in a vendor knowledgebase article. | 9.8 |