ET WEB_SPECIFIC_APPS Fortra FileCatalyst Workflow Insecure HSQLDB Default Credentials

SID: 2055590Rev: 11 views

Sourceet/open

CreatedAugust 29, 2024

UpdatedAugust 29, 2024

Classificationattempted-admin

alert tcp $EXTERNAL_NET any -> $HOME_NET 4406 (msg:"ET WEB_SPECIFIC_APPS Fortra FileCatalyst Workflow Insecure HSQLDB Default Credentials"; flow:established,to_server; content:"|02|SA"; nocase; content:"|0b|GOSENSGO613"; fast_pattern; distance:3; within:12; reference:url,www.fortra.com/security/advisories/product-security/fi-2024-011; reference:cve,2024-6633; classtype:attempted-admin; sid:2055590; rev:1; metadata:attack_target Server, tls_state plaintext, created_at 2024_08_29, cve CVE_2024_6633, deployment Perimeter, confidence High, signature_severity Critical, updated_at 2024_08_29, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1078, mitre_technique_name Valid_Accounts; target:dest_ip;)

References

url	www.fortra.com/security/advisories/product-security/fi-2024-011
cve	2024-6633

Metadata

attack targetServer

tls stateplaintext

created at2024_08_29

cveCVE-2024-6633

deploymentPerimeter

confidenceHigh

signature severityCritical

updated at2024_08_29

mitre tactic idTA0001

mitre tactic nameInitial_Access

mitre technique idT1078

mitre technique nameValid_Accounts

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!