MachineName Parameter can be used to Exploit a SQL Injection Vulnerability in App Broker

Title

Symptoms:

A SQL injection vulnerability in App Broker 2018R1 and earlier allows local users to execute arbitrary SQL commands via the MachineName parameter.

The machine name sent by the client is not validated, and can be used to deliver SQL commands that would be interpreted by the database engine.

Steps to reproduce are not available at this time, as this issue was discovered through a vulnerability scan of App Broker.

This issue has been resolved in App Broker 2019 R1. Please download the latest version of App Broker 2019 R1 from the PLC download area.

This issue has been tracked under issue number IOJ-1908386.
For release notes and resolved issues in App Broker 2019 R1, please visit:
https://helpnet.flexerasoftware.com/appportal/rn2019r1/AppPortalAppBroker2019r1ReleaseNotes.htm#resolve

Secunia Research at Flexera has issued an advisory SA88121.
A copy of the advisory is attached to this article.

Was this helpful?

Product

App Broker/App Portal

Deployment type

On-premises

Visibility

Guest

URL Name

machinename-parameter-can-be-used-to-exploit-a-sql-injection-vulnerability-in-app-broker

Are you sure you want to cancel the case creation?

Case closed successfully

Action performed successfully

Upload Attachment

Maximum file size allowed is 3 MB.

File type not supported.

Supported file types:

Documents (.txt, .doc, .docx, .pdf), Images (.jpg, .png), Comma Separated Files (.csv) Speadsheets (.xlsx, .xls)

Are you sure you want to close this case

Get Hotline support

Products	Region	Phone Numbers
FlexNet Operations FlexNet Embedded FlexNet Publisher FlexNet Connect FlexNet Code Insight InstallAnywhere InstallShield	North America *	+1 630-332-2513 (toll) +1 877-279-2853 (toll-free in North America)
	Europe *	+44 1925 944367 (toll) +44 800 047 8642 (toll-free in Europe)
	Japan *	+81 3-4540-5335 (select option 2)
	Australia *	+61 3 9895 2177 +61 1800 560 603 (toll-free in Australia)
Usage Intelligence (formerly Revulytics) Compliance Intelligence	Please use the Case Portal to submit your support ticket or reach out to your Revenera contact.