Security Patch for CVE-2024-44685

Security Patch for CVE-2024-44685

An independent cyber security team has identified a security issue with the Admin UI of Titan SFTP and Titan MFT Sever that could involve exposure of sensitive information when configuring the SMTP settings and other places within the web UI. The issue involves sending sensitive information to the server (like SMTP configuration settings) and in responses received from the server. This effects versions 2.0.25.2426 and earlier and is addressed in version 2.0.26.2465 and higher for both Titan SFTP and Titan MFT server.

CVE-2024-44685 Fixes:
  1. The Titan web UI will now encrypt any sensitive information sent to the server.
  2. Any sensitive information is stripped from any responses from the server.

    • Related Articles

    • Security Patch for CVE-2023-45685 Through CVE-2023-45690

      An independent cyber security team (Rapid7) has identified several security issues mainly effecting the Linux versions of Titan SFTP and Titan MFT NextGen servers. The versions effected are version 2.0.17 and earlier of Titan SFTP and Titan MFT ...

    • Is Cornerstone MFT, Titan FTP or WebDrive impacted by the Apache Log4j2 (CVE-2021-44228) vulnerability?

      Question Is Cornerstone MFT, Titan FTP or WebDrive impacted by the Apache Log4j2 (CVE-2021-44228) vulnerability? Reasoning I want to confirm if the software I am using is vulnerable to the exploit found in CVE-2021-44228 so I can take the necessary ...

    • Cornerstone Server Security Best Practices

      A Quick Start Guide for best practices for server security when configuring your Cornerstone MFT Server: https://southrivertech.com/wp-content/uploads/qs_Cornerstone_Server_Security.pdf

    • How To: Harden SFTP settings in Titan Nextgen

      Related To Titan Nextgen Builds 2.x and above. Question How can I ensure my SFTP settings which include Ciphers/MACs/Kexes are as secure as possible? Reasoning I would like to minimize the risk of having a security issue in my organization by ...

    • How To: Configure Password Security in Titan Nextgen

      Related To Titan Nextgen Builds 1.x Question How can I configure password security settings in Titan Nextgen? Reasoning I would like to be able set password expiration, restrict reuse of passwords and also configure the password complexity to ensure ...