Vulnerability Note VU#846103
Sungard eTRAKiT3 may be vulnerable to SQL injection
According to the reporter, the Sungard eTRAKiT3 software version 22.214.171.124 may be vulnerable to SQL injection which may allow a remote unauthenticated attacker to run a subset of SQL commands against the back-end database.
CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') - CVE-2016-6566
According to the reporter, the valueAsString parameter inside the JSON payload contained by the ucLogin_txtLoginId_ClientStat POST parameter is not properly validated. An unauthenticated remote attacker may be able to modify the POST request and insert a SQL query which may then be executed by the backend server. According to the reporter, eTRAKiT 126.96.36.199 was tested, but other versions may also be vulnerable.
A remote unauthenticated attacker may be able to run a subset of SQL commands against the back-end database.
Apply a patch
However, affected users may also consider the following workaround:
Vendor Information (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Sungard||Affected||21 Oct 2016||12 Dec 2016|
CVSS Metrics (Learn More)
Thanks to Illumant for reporting this vulnerability.
This document was written by Garret Wassermann.
- CVE IDs: CVE-2016-6566
- Date Public: 06 Dec 2016
- Date First Published: 06 Dec 2016
- Date Last Updated: 12 Dec 2016
- Document Revision: 33
If you have feedback, comments, or additional information about this vulnerability, please send us email.