CVE-2024-5275
HIGHSeverity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from Vendor (df4dee71-de3a-4139-9588-11b62fe6c0ff) · only source for this CVE.
CVSS VectorVendor: df4dee71-de3a-4139-9588-11b62fe6c0ff
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionCVE.org
A hard-coded password in the FileCatalyst TransferAgent can be found which can be used to unlock the keystore from which contents may be read out, for example, the private key for certificates. Exploit of this vulnerability could lead to a machine-in-the-middle (MiTM) attack against users of the agent. This issue affects all versions of FileCatalyst Direct from 3.8.10 Build 138 and earlier and all versions of FileCatalyst Workflow from 5.1.6 Build 130 and earlier.
AnalysisAI
A hard-coded password in the FileCatalyst TransferAgent can be found which can be used to unlock the keystore from which contents may be read out, for example, the private key for certificates. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-259. A hard-coded password in the FileCatalyst TransferAgent can be found which can be used to unlock the keystore from which contents may be read out, for example, the private key for certificates. Exploit of this vulnerability could lead to a machine-in-the-middle (MiTM) attack against users of the agent.8.10 Build 138 and earlier and all versions of FileCatalyst Workflow from 5.1.6 Build 130 and earlier.
Affected ProductsAI
See vendor advisory for affected versions.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
Same weakness CWE-259 – Use of Hard-coded Password
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today