Browse all 34 CVE security advisories affecting Fortra. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Fortra, formerly part of DigiCert, specializes in identity governance and privileged access management solutions, primarily serving enterprise environments requiring strict control over administrative credentials. The company’s software portfolio has historically been associated with a significant volume of security flaws, currently totaling 34 Common Vulnerabilities and Exposures (CVEs). These vulnerabilities predominantly involve remote code execution and cross-site scripting, often stemming from insufficient input validation or improper access controls within web-based administrative interfaces. While specific major public breaches directly attributed to Fortra products remain limited in widespread reporting, the high count of disclosed CVEs indicates persistent challenges in securing legacy codebases and complex privilege escalation mechanisms. Security analysts recommend rigorous patch management and network segmentation to mitigate risks associated with these known weaknesses, ensuring that privileged access tools do not become entry points for broader infrastructure compromise.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-5275 | Hard-coded password in FileCatalyst Direct 3.8.10 Build 138 TransferAgent (and earlier) and FileCatalyst Workflow 5.1.6 Build 130 (and earlier) — FileCatalyst Direct (CWE-259) | 7.8 | High | 2024-06-18 |
This page lists every published CVE security advisory associated with Fortra. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.