Vendor: eTRAKiT3
By: Chris Anastasio
CVSS: 9.8 (CRITICAL)
Blind SQL Injection
CWE: 89
Product Name: eTRAKiT3
Affected Version From: 3.2.1.17
Affected Version To: 3.2.1.17
Patch Exists: YES
Related CVE: CVE-2016-6566
CPE: a:sungard_public_sector:etrakit3
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: None
2016
Software: Sungard eTRAKiT3
The login form is vulnerable to blind SQL injection by an unauthenticated user. The 'valueAsString' parameter inside the JSON payload carried in the 'ucLogin_txtLoginId_ClientStat' POST parameter is not properly validated. An unauthenticated remote attacker can modify the POST request and insert a SQL query, which the backend server then executes. eTRAKiT 3.2.1.17 was tested, but other versions may also be vulnerable.
Mitigation:
Contact SunGard Public Sector TRAKiT Solutions division to request the patch release.