High severity7.8NVD Advisory· Published Jun 18, 2024· Updated Apr 15, 2026
CVE-2024-5275
CVE-2024-5275
Description
A hard-coded password in the FileCatalyst TransferAgent can be found which can be used to unlock the keystore from which contents may be read out, for example, the private key for certificates. Exploit of this vulnerability could lead to a machine-in-the-middle (MiTM) attack against users of the agent. This issue affects all versions of FileCatalyst Direct from 3.8.10 Build 138 and earlier and all versions of FileCatalyst Workflow from 5.1.6 Build 130 and earlier.
Affected products
2- Range: <=3.8.14
- Range: <=5.1.6 Build 130
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.