Vulnerability Note VU#846103
Sungard eTRAKiT3 may be vulnerable to SQL injection
Original Release date: 06 Dec 2016 | Last revised: 12 Dec 2016
According to the reporter, Sungard eTRAKiT3 software version 188.8.131.52 may be vulnerable to SQL injection, which may allow a remote unauthenticated attacker to run a subset of SQL commands against the back-end database.
CWE-89: Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) – CVE-2016-6566
According to the reporter, the valueAsString parameter inside the JSON payload contained by the ucLogin_txtLoginId_ClientStat POST parameter is not properly validated.
An unauthenticated remote attacker may be able to modify the POST request and insert an SQL query, which may then be executed by the back-end server.
According to the reporter, eTRAKiT 184.108.40.206 was tested, but other versions may also be vulnerable.
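The description above is what makes this bug exploitable without credentials: the login page reads a login id out of JSON carried in a form field and, per the reporter, that value reaches the database unvalidated. The following added example (written for this note; it is not eTRAKiT code and nothing here comes from the vendor or the reporter) shows the difference between building the lookup query by string concatenation and the two defensive layers that close the hole, an allow-list check on the login id followed by a parameterized query. The parameter names ucLogin_txtLoginId_ClientStat and valueAsString are taken from the note; the JSON layout around valueAsString, the users table, and the login-id pattern are assumptions for the demonstration, and the POST bodies are constructed here.

```python
import json
import re
import sqlite3
from urllib.parse import parse_qs, urlencode

# Assumed allow-list for a login id; the real product's rules are not known from the note.
LOGIN_ID_RE = re.compile(r"^[A-Za-z0-9._@-]{1,64}$")


def make_post_body(login_id: str) -> str:
    """Build a constructed POST body: the JSON "client state" (assumed layout) is
    carried url-encoded in the ucLogin_txtLoginId_ClientStat form parameter."""
    state = json.dumps({"valueAsString": login_id})
    return urlencode({"ucLogin_txtLoginId_ClientStat": state})


def extract_login_id(post_body: str) -> str:
    """Pull valueAsString out of the JSON inside ucLogin_txtLoginId_ClientStat."""
    fields = parse_qs(post_body, keep_blank_values=True)
    raw = fields.get("ucLogin_txtLoginId_ClientStat", [""])[0]
    state = json.loads(raw)  # raises ValueError on a non-JSON payload
    value = state.get("valueAsString")
    if not isinstance(value, str):
        raise ValueError("valueAsString missing or not a string")
    return value


def _db() -> sqlite3.Connection:
    """In-memory stand-in for the back-end database, with constructed rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (login_id TEXT, display_name TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "Alice"), ("bob", "Bob")])
    return conn


def lookup_vulnerable(conn: sqlite3.Connection, login_id: str) -> list:
    """CWE-89 pattern: the client-supplied value becomes part of the SQL text,
    so quotes and operators in it change the statement's structure."""
    sql = "SELECT display_name FROM users WHERE login_id = '" + login_id + "'"
    return [row[0] for row in conn.execute(sql)]


def lookup_parameterized(conn: sqlite3.Connection, login_id: str) -> list:
    """The value is bound as a parameter; the statement's structure is fixed,
    so the same crafted input simply matches no row."""
    return [row[0] for row in conn.execute(
        "SELECT display_name FROM users WHERE login_id = ?", (login_id,))]


def lookup_hardened(conn: sqlite3.Connection, login_id: str) -> list:
    """Defence in depth: reject input outside the expected shape before it
    reaches the database, then bind it as a parameter anyway."""
    if not LOGIN_ID_RE.fullmatch(login_id):
        raise ValueError("login id rejected by input validation")
    return lookup_parameterized(conn, login_id)


def demo(post_body: str) -> dict:
    """Run one constructed POST body through both code paths and report what
    each returns (a string in 'hardened' means validation rejected the value)."""
    conn = _db()
    login_id = extract_login_id(post_body)
    vulnerable = lookup_vulnerable(conn, login_id)
    try:
        hardened = lookup_hardened(conn, login_id)
    except ValueError as exc:
        hardened = str(exc)
    return {"login_id": login_id, "vulnerable": vulnerable, "hardened": hardened}


if __name__ == "__main__":
    print(demo(make_post_body("alice")))
    print(demo(make_post_body("nobody' OR 'x'='x")))
```

With the benign body both paths return Alice's row. With the second body the concatenated query's WHERE clause becomes a tautology and every user row comes back, while the hardened path rejects the value before any query runs; even with the allow-list removed, the parameterized lookup returns no rows for the same input. That second property is why parameter binding, not input filtering alone, is the fix to ask the vendor's patch for.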
A remote unauthenticated attacker may be able to run a subset of SQL commands against the back-end database.
Apply a patch
Sungard has provided the following statement:
SunGard Public Sector appreciates that this issue has been brought to our attention. Our development team has addressed this report with a patch release. Please contact the SunGard Public Sector TRAKiT Solutions division to request the patch release. (858) 451-3030.
However, affected users may also consider the following workaround:
As a general good security practice, only allow connections from trusted hosts and networks. Note that restricting access does not by itself prevent SQLi attacks, since the injected query arrives in a request from a host that is permitted to connect. Restricting access would, however, prevent an attacker from reaching the web interface with stolen credentials from a blocked network location.
Vendor Information
Vendor    Status    Date Notified   Date Updated
Sungard   Affected  21 Oct 2016     12 Dec 2016
CVSS Metrics
Thanks to Illumant for reporting this vulnerability.
This document was written by Garret Wassermann.
Date First Published: 06 Dec 2016
Date Last Updated: 12 Dec 2016