CVE-2024-0204: Exploit Details and Defense Strategies

This CVE was published on January 22, 2024, by Fortra. It relates to an authentication bypass vulnerability in Fortra's GoAnywhere MFT with versions prior to 7.4.1.

Understanding CVE-2024-0204

This vulnerability allows an unauthorized user to create an admin user via the administration portal of GoAnywhere MFT.

What is CVE-2024-0204?

The CVE-2024-0204 vulnerability in GoAnywhere MFT prior to version 7.4.1 enables unauthorized users to bypass authentication and create an admin user through the administration portal.

The Impact of CVE-2024-0204

The impact of this vulnerability is rated as critical with a CVSS base score of 9.8. It can lead to high confidentiality, integrity, and availability impacts due to unauthorized admin user creation.

Technical Details of CVE-2024-0204

This section provides more insight into the vulnerability.

Vulnerability Description

The vulnerability involves an authentication bypass in Fortra's GoAnywhere MFT, enabling unauthorized admin user creation.

Affected Systems and Versions

Fortra's GoAnywhere MFT versions prior to 7.4.1 are affected by this vulnerability.

Exploitation Mechanism

Unauthorized users can exploit this vulnerability by creating an admin user through the admin portal.

Mitigation and Prevention

It is crucial to take immediate steps to remediate this vulnerability.

Immediate Steps to Take

Users are advised to upgrade to version 7.4.1 or higher. Additionally, for non-container deployments, deleting the InitialAccountSetup.xhtml file in the install directory and restarting the services can help mitigate the risk.

Long-Term Security Practices

Implementing defense-in-depth tactics to restrict access to the administrative console and avoiding exposure of the console to the internet are recommended long-term security practices.

Patching and Updates

Regularly applying security patches and updates, such as upgrading to version 7.4.1 or higher, is essential for addressing vulnerabilities like CVE-2024-0204.