Mitigation Instructions for Drupal SEoL (6.x)
Subject: Drupal Unsupported Version Detection (6.x)
1 min read
CyRisk Vulnerability Management Team
:
Jan 25, 2024 3:00:35 PM
Subject: Mitigation Instructions for CVE-2024-0204 Fortra's GoAnywhere MFT Vulnerability
Tech Stack: Fortra's GoAnywhere Managed File Transfer (MFT)
Date(s) Issued: First reported on Jan. 22, 2024, with updates on Jan. 24, 2024
Criticality: HIGH (CVSS score: 9.8)
Overview:
CVE-2024-0204 is a critical authentication bypass vulnerability in Fortra's GoAnywhere MFT prior to version 7.4.1. It allows unauthorized users to create an admin user via the admin portal, posing significant security risks.
Solution:
Immediate action is required to mitigate this vulnerability:
For additional support, contact Fortra's security team or refer to their official security advisory.
References:
Subject: Drupal Unsupported Version Detection (6.x)
Subject: Microsoft SQL Server Unsupported Version Detection
Subject: Python Unsupported Version Detection