Critical Security Advisory for FileMage Gateway Versions 1.7.0 - 1.13.1

Critical Security Advisory

A critical security issue has been identified in FileMage Gateway. We urge customers to update to version 1.13.3. or above as soon as possible.

Scope

All image versions between v1.7.0 and v1.13.1 deployed in Google Cloud, AWS, and Azure are affected.

The HTTP and HTTPS listeners of the management and workspace portals are affected by this vulnerability.

Other file transfer protocols (FTP, FTPS, SFTP) are not affected.

Known Affected Versions

Versions between v1.7.0 and v1.13.1.

Resolution

To fix this issue, update FileMage Gateway to version 1.13.1 or later by using the built-in update command.