CERT-In Vulnerability Notes
Software Affected
Overview
A vulnerability has been reported in Fortra GoAnywhere MFT, which could allow a remote attacker to bypass security restrictions
on the target system.
Description
This vulnerability exists in Fortra GoAnywhere MFT because the "/InitialAccountSetup.xhtml" endpoint is exposed to direct request attacks. A
remote attacker could exploit this vulnerability to bypass security restrictions and create an admin user via the administration portal.
Successful exploitation of this vulnerability could allow the attacker to conduct further attacks on the target system.
Mitigations:
• For non-container deployments, delete the InitialAccountSetup.xhtml file in the installation directory and restart the
services.
• For container deployments, replace the InitialAccountSetup.xhtml file with an empty file and restart the services.
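To confirm that either mitigation above is in place on a host, the following added example (not part of the CERT-In note or of Fortra's tooling) searches an install root for InitialAccountSetup.xhtml and reports whether any non-empty copy remains. The install root is an assumption supplied by the operator, and the function name and exit codes are illustrative.

```sh
#!/bin/sh
# Added example: verify the InitialAccountSetup.xhtml mitigation.
# The install root is NOT taken from the advisory; pass your own path.
# This checks file state only; the advisory also requires a service restart.

TARGET='InitialAccountSetup.xhtml'

# check_mitigation <install_root>
# Returns: 0 = no copy, or every copy is zero-length (mitigation in place)
#          1 = at least one non-empty copy remains
#          2 = install root missing or not a directory
check_mitigation() {
    root=$1
    if [ ! -d "$root" ]; then
        echo "ERROR: not a directory: $root" >&2
        return 2
    fi

    # Zero-length copies: the container mitigation (file replaced by an empty one).
    find "$root" -type f -iname "$TARGET" -size 0c -exec echo "EMPTY   " {} \;

    # Non-empty copies: the setup page is still deployed.
    remaining=$(find "$root" -type f -iname "$TARGET" -size +0c -print)
    if [ -n "$remaining" ]; then
        printf '%s\n' "$remaining" | sed 's/^/PRESENT  /'
        return 1
    fi

    echo "OK: no non-empty $TARGET under $root"
    return 0
}

# Run against a path only when one is given on the command line.
if [ "$#" -gt 0 ]; then
    check_mitigation "$1"
fi
```

The match is case-insensitive so that renamed-case copies are also reported; a non-zero exit status makes the script usable in a scheduled compliance check.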
Solution
Vendor Information
Fortra
https://www.fortra.com/security/advisory/fi-2024-001
References
https://www.fortra.com/security/advisory/fi-2024-001
https://github.com/horizon3ai/CVE-2024-0204
https://thehackernews.com/2024/01/patch-your-goanywhere-mft-immediately.html
CVE Name
CVE-2024-0204
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
Contact Information
1 of 2 24-01-2024, 04:18 pm
CERT-In Vulnerability Notes https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES0...
Email: info@cert-in.org.in
Phone: +91-11-22902657
Postal address