GCVE - cpe:2.3:a:fortra:filecatalyst_workflow:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:fortra:filecatalyst_workflow:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Fortra (`f14f6bd1-8bf2-53f9-b0d6-b2745f517ba7`)
Product	Filecatalyst Workflow (`2034c19c-0b00-5381-988b-faa05b4a3ed0`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2024-6633`	vulnerable	2026-06-03 14:58:03.727478	Insecure Default in FileCatalyst Workflow 5.1.6 Build 139 (and earlier) CRITICAL (9.8) The default credentials for the setup HSQL database (HSQLDB) for FileCatalyst Workflow are published in a vendor knowledgebase article. Misuse of these credentials could lead to a compromise of confidentiality, integrity, or availability of the software. The HSQLDB is only included to facilitate installation, has been deprecated, and is not intended for production use per vendor guides. However, users who have not configured FileCatalyst Workflow to use an alternative database per recommendations are vulnerable to attack from any source that can reach the HSQLDB. Published: 2024-08-27T14:11:24.527Z Updated: 2025-08-29T20:21:54.534Z Open on db.gcve.eu Reference links https://www.fortra.com/security/advisories/product-security/fi-2024-011	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-6632`	vulnerable	2026-06-03 14:58:03.726880	SQL Injection in FileCatalyst Workflow 5.1.6 Build 139 (and earlier) HIGH (7.2) A vulnerability exists in FileCatalyst Workflow whereby a field accessible to the super admin can be used to perform an SQL injection attack which can lead to a loss of confidentiality, integrity, and availability. Published: 2024-08-27T14:12:12.272Z Updated: 2024-08-29T03:55:31.502Z Open on db.gcve.eu Reference links https://www.fortra.com/security/advisories/product-security/fi-2024-010	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-5276`	vulnerable	2026-06-03 14:57:52.264388	SQL Injection Vulnerability in FileCatalyst Workflow 5.1.6 Build 135 (and earlier) CRITICAL (9.8) A SQL Injection vulnerability in Fortra FileCatalyst Workflow allows an attacker to modify application data. Likely impacts include creation of administrative users and deletion or modification of data in the application database. Data exfiltration via SQL injection is not possible using this vulnerability. Successful unauthenticated exploitation requires a Workflow system with anonymous access enabled, otherwise an authenticated user is required. This issue affects all versions of FileCatalyst Workflow from 5.1.6 Build 135 and earlier. Published: 2024-06-25T19:13:54.585Z Updated: 2024-08-01T21:11:12.427Z Open on db.gcve.eu Reference links https://support.fortra.com/filecatalyst/kb-articles/advisory-6-24-2024-filecatalyst-workflow-sql-injection-vulnerability-YmYwYWY4OTYtNTUzMi1lZjExLTg0MGEtNjA0NWJkMDg3MDA0 https://www.fortra.com/security/advisory/fi-2024-008 https://www.tenable.com/security/research/tra-2024-25	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-5275`	vulnerable	2026-06-03 14:57:52.263106	Hard-coded password in FileCatalyst Direct 3.8.10 Build 138 TransferAgent (and earlier) and FileCatalyst Workflow 5.1.6 Build 130 (and earlier) HIGH (7.8) A hard-coded password in the FileCatalyst TransferAgent can be found which can be used to unlock the keystore from which contents may be read out, for example, the private key for certificates. Exploit of this vulnerability could lead to a machine-in-the-middle (MiTM) attack against users of the agent. This issue affects all versions of FileCatalyst Direct from 3.8.10 Build 138 and earlier and all versions of FileCatalyst Workflow from 5.1.6 Build 130 and earlier. Published: 2024-06-18T14:11:37.005Z Updated: 2024-08-01T21:11:12.408Z Open on db.gcve.eu Reference links https://www.fortra.com/security/advisory/fi-2024-007 https://support.fortra.com/filecatalyst/kb-articles/action-required-by-june-18th-2024-filecatalyst-transferagent-ssl-and-localhost-changes-MWQwYjI3ZGItZmQyMS1lZjExLTg0MGItMDAyMjQ4MGE0MDNm	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2024-25153`	vulnerable	2026-06-03 14:55:13.228934	Remote Code Execution in FileCatalyst Workflow 5.x prior to 5.1.6 Build 114 CRITICAL (9.8) A directory traversal within the ‘ftpservlet’ of the FileCatalyst Workflow Web Portal allows files to be uploaded outside of the intended ‘uploadtemp’ directory with a specially crafted POST request. In situations where a file is successfully uploaded to web portal’s DocumentRoot, specially crafted JSP files could be used to execute code, including web shells. Published: 2024-03-13T14:10:36.029Z Updated: 2025-09-19T12:46:03.155Z Open on db.gcve.eu Reference links https://www.fortra.com/security/advisory/fi-2024-002 https://filecatalyst.software/public/filecatalyst/Workflow/5.1.6.114/fcweb_releasenotes.html	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.