Filecatalyst Direct
Approved changes feed: RSS · Atom
cpe:2.3:a:fortra:filecatalyst_direct:3.7:*:*:*:*:*:*:*
part: a version: 3.7 update: *
| Vendor | Fortra (f14f6bd1-8bf2-53f9-b0d6-b2745f517ba7) |
|---|---|
| Product | Filecatalyst Direct (e7eb0c4b-de4d-5b86-8383-da3c74887a0d) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-5275 |
vulnerable | 2026-06-03 14:57:52.259997 |
Hard-coded password in FileCatalyst Direct 3.8.10 Build 138 TransferAgent (and earlier) and FileCatalyst Workflow 5.1.6 Build 130 (and earlier)
HIGH (7.8)
A hard-coded password in the FileCatalyst TransferAgent can be found which can be used to unlock the keystore from which contents may be read out, for example, the private key for certificates. Exploit of this vulnerability could lead to a machine-in-the-middle (MiTM) attack against users of the agent. This issue affects all versions of FileCatalyst Direct from 3.8.10 Build 138 and earlier and all versions of FileCatalyst Workflow from 5.1.6 Build 130 and earlier.
Published: 2024-06-18T14:11:37.005Z
Updated: 2024-08-01T21:11:12.408Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.