cvedb.io
CVE-2024-6633
CRITICAL · CVSS 9.8
EPSS exploitation probability: 0%
Published 2024-08-27T15:15:17.513 · Last modified 2026-06-17T08:18:23.130

Summary

The default credentials for the setup HSQL database (HSQLDB) for FileCatalyst Workflow are published in a vendor knowledgebase article. Misuse of these credentials could lead to a compromise of confidentiality, integrity, or availability of the software. The HSQLDB is only included to facilitate installation, has been deprecated, and is not intended for production use per vendor guides. However, users who have not configured FileCatalyst Workflow to use an alternative database per recommendations are vulnerable to attack from any source that can reach the HSQLDB.

Affected products

fortra — filecatalyst_workflow

Does this affect you?

Add your gear to cvedb and we'll alert you only when fortra ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.