Executive Summary

This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Title Sungard eTRAKiT3 may be vulnerable to SQL injection
Name VU#846103 First vendor Publication 2016-12-06
Vendor VU-CERT Last vendor Modification 2016-12-12
Severity (Vendor) N/A Revision M

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Cvss Base Score 7.5 Attack Range Network
Cvss Impact Score 6.4 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores


Vulnerability Note VU#846103

Sungard eTRAKiT3 may be vulnerable to SQL injection

Original Release date: 06 Dec 2016 | Last revised: 12 Dec 2016


According to the reporter, the Sungard eTRAKiT3 software version may be vulnerable to SQL injection which may allow a remote unauthenticated attacker to run a subset of SQL commands against the back-end database.


CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') - CVE-2016-6566

According to the reporter, the valueAsString parameter inside the JSON payload contained by the ucLogin_txtLoginId_ClientStat POST parameter is not properly validated. An unauthenticated remote attacker may be able to modify the POST request and insert a SQL query which may then be executed by the backend server. According to the reporter, eTRAKiT was tested, but other versions may also be vulnerable.


A remote unauthenticated attacker may be able to run a subset of SQL commands against the back-end database.


Apply a patch

Sungard has provided the following statement:

    SunGard Public Sector appreciates that this issue has been brought to our attention.   Our development team has addressed this report with a patch release.  Please contact the SunGard Public Sector TRAKiT Solutions division to request the patch release.  (858) 451-3030.

However, affected users may also consider the following workaround:

Restrict access

As a general good security practice, only allow connections from trusted hosts and networks. Note that restricting access does not prevent SQLi attacks since the attack comes as an SQL request from a legitimate user's host. Restricting access would prevent an attacker from accessing a web interface using stolen credentials from a blocked network location.

Vendor Information (Learn More)

VendorStatusDate NotifiedDate Updated
SungardAffected21 Oct 201612 Dec 2016
If you are a vendor and your product is affected, let us know.

CVSS Metrics (Learn More)



  • http://www.sungardps.com/solutions/trakit/


Thanks to Illumant for reporting this vulnerability.

This document was written by Garret Wassermann.

Other Information

  • CVE IDs:CVE-2016-6566
  • Date Public:06 Dec 2016
  • Date First Published:06 Dec 2016
  • Date Last Updated:12 Dec 2016
  • Document Revision:33


If you have feedback, comments, or additional information about this vulnerability, please send us email.

Original Source

Url : http://www.kb.cert.org/vuls/id/846103

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-89 Improper Sanitization of Special Elements used in an SQL Command ('SQL Injection') (CWE/SANS Top 25)

CPE : Common Platform Enumeration

Application 1

Alert History

If you want to see full details history, please login or register.
Date Informations
2018-09-10 17:23:39
  • Multiple Updates
2018-07-14 00:21:04
  • Multiple Updates
2016-12-12 17:23:37
  • Multiple Updates
2016-12-06 21:23:45
  • First insertion