1 min read

Mitigation Instructions for CVE-2024-0204

Mitigation Instructions for CVE-2024-0204

Subject: Mitigation Instructions for CVE-2024-0204 Fortra's GoAnywhere MFT Vulnerability

Tech Stack: Fortra's GoAnywhere Managed File Transfer (MFT)

Date(s) Issued: First reported on Jan. 22, 2024, with updates on Jan. 24, 2024

Criticality: HIGH (CVSS score: 9.8)

Overview:

CVE-2024-0204 is a critical authentication bypass vulnerability in Fortra's GoAnywhere MFT prior to version 7.4.1. It allows unauthorized users to create an admin user via the admin portal, posing significant security risks.

Solution:

Immediate action is required to mitigate this vulnerability:

  1. Update Fortra's GoAnywhere MFT to version 7.4.1 or later.
  2. Review and monitor admin user creation logs for any unusual activity.
  3. Regularly audit your system's security settings and user privileges.

For additional support, contact Fortra's security team or refer to their official security advisory.

References:

General Instructions for Updating Outdated Versions of WordPress

General Instructions for Updating Outdated Versions of WordPress

Subject: Essential Maintenance: Updating WordPress to Enhance Security and Performance

Read More
Mitigation Instructions for PHP 8.2.x < 8.2.9 Multiple Vulnerabilities

Mitigation Instructions for PHP 8.2.x < 8.2.9 Multiple Vulnerabilities

Subject: Security Alert: Upgrading PHP to Version 8.2.9 or Later to Address Critical Vulnerabilities

Read More
Upgrading OpenSSL to Address Vulnerabilities

Upgrading OpenSSL to Address Vulnerabilities

Subject: Security Update Guidance: Upgrading OpenSSL to Address Vulnerabilities

Read More