WEB Fortra GoAnywhere MFT Authentication Bypass Deep-Dive (CVE-2024-0204)

Rule ID

1234373

Severity

Critical

Description

Authentication bypass in Fortra's GoAnywhere MFT prior to 7.4.1 allows an unauthorized user to create an admin user via the administration portal.

Impact

Information disclosure

Recommendation

Update vendor's patch.

IPS Category

Web threats

IPS Anomaly Group

N/A

IPS Rule Default Action

Deny

References

CVE-2024-0204

T1059

T1190

T1068

Keywords

N/A

Date Created

2024/01/24

Last Updated

2026/01/22

This website uses cookies to ensure you get the best experience on our website.