Security Patch for CVE-2024-44685

Security Patch for CVE-2024-44685

An independent cyber security team has identified a security issue with the Admin UI of Titan SFTP and Titan MFT Sever that could involve exposure of sensitive information when configuring the SMTP settings and other places within the web UI. The issue involves sending sensitive information to the server (like SMTP configuration settings) and in responses received from the server. This effects versions 2.0.25.2426 and earlier and is addressed in version 2.0.26.2465 and higher for both Titan SFTP and Titan MFT server.

CVE-2024-44685 Fixes:
  1. The Titan web UI will now encrypt any sensitive information sent to the server.
  2. Any sensitive information is stripped from any responses from the server.

    • Related Articles

    • Security Patch for CVE-2023-45685 Through CVE-2023-45690

      An independent cyber security team (Rapid7) has identified several security issues mainly effecting the Linux versions of Titan SFTP and Titan MFT Servers. The versions effected are version 2.0.17 and earlier of Titan SFTP and Titan MFT (formerly ...

    • Is Titan MFT, Titan SFTP or WebDrive impacted by the Apache Log4j2 (CVE-2021-44228) vulnerability?

      Question Is Titan MFT, Titan SFTP or WebDrive impacted by the Apache Log4j2 (CVE-2021-44228) vulnerability? Reasoning I want to confirm if the software I am using is vulnerable to the exploit found in CVE-2021-44228 so I can take the necessary ...

    • How To: Harden SFTP settings in Titan

      Related To Titan SFTP and Titan MFT Builds 2.x and above. Question How can I ensure my SFTP settings which include Ciphers/MACs/Kexes are as secure as possible? Reasoning I would like to minimize the risk of having a security issue in my organization ...

    • How To Prevent Insecure ADSI/LDAP User Authentication

      How To: Prevent Insecure ADSI/LDAP User Authentication Question How can I prevent insecure user authentication via ADSI or LDAP/S and other potential security vulnerabilities due to Unauthenticated Binds in Windows Active Directory (AD)? Reasoning By ...

    • How To: Configure Password Security in Titan SFTP and Titan MFT

      Related To Titan SFTP Server and Titan MFT Server Question How can I configure password security settings in Titan? Reasoning I would like to be able set password expiration, restrict reuse of passwords and also configure the password complexity to ...