Fortra is actively researching critical vulnerabilities in Apache Tomcat – CVE-2024-50379 and CVE-2024-56337. An incomplete patch of CVE-2024-50379 could result in code execution on case-insensitive file systems when the default servlet is enabled for write. Users are recommended to update Tomcat installations to the latest secure version to fully mitigate these vulnerabilities.

Fortra is actively researching a vulnerability affecting Apache Struts 2 – CVE-2024-53677. By exploiting this vulnerability, a malicious actor can manipulate file upload parameters to enable paths traversal. Under some circumstances, this can lead to uploading a malicious file which can be used to perform remote code execution. Software patches have been released to address this vulnerability, and customers should upgrade as soon as possible.

Fortra is actively researching a new vulnerability in three products from Cleo – Cleo Harmony, Cleo VLTrader, and Cleo LexiCom. This vulnerability, CVE-2024-50623, can allow unrestricted file upload and download, which can lead to remote code execution. Active exploitation of the vulnerability has been reported. Cleo has released patches to address this vulnerability, and affected customers are strongly advised to to update their instances as soon as possible.

Fortra is actively researching an improper access control vulnerability in SailPoint’s IdentityIQ– CVE-2024-10905. This vulnerability could allow unauthorized HTTP access to static content in the IdentityIQ application directory. SailPoint has released fixes for this vulnerability, which customers should apply as soon as possible.

Fortra is actively researching new vulnerabilities in Palo Alto PAN-OS – CVE-2024-0012 and CVE-2024-9474. When combined, these two vulnerabilities allow for an exploit chain to achieve remote code execution. The first CVE allows an unauthenticated attacker with access to the web management interface to gain administrator privileges on the PAN-OS device, while the second CVE allows administrators to perform actions on the firewall with root privileges. Palo Alto has released fixed versions of PAN-OS to address these vulnerabilities, and customers are recommended to upgrade as soon as possible.