PT-2018-4962 · Sungard · Etrakit3

Published: 2018-07-13 · Updated: 2019-10-09 · CVE-2016-6566

CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Sungard eTRAKiT3 version 3.2.1.17

Description: The valueAsString parameter inside the JSON payload of the ucLogin txtLoginId ClientStat POST parameter is not properly validated. An unauthenticated remote attacker who modifies this POST request could insert a SQL query that the backend server may execute.

Recommendations: For version 3.2.1.17, consider restricting access to the ucLogin txtLoginId ClientStat POST parameter until a fix is available, and avoid using the valueAsString parameter in the JSON payload to reduce the risk of exploitation. At the moment, there is no information about a newer version that fixes this vulnerability.

Exploit: SQL injection


Related Identifiers: CVE-2016-6566

Affected Products: Etrakit3