Computer Associates CleverPath Portal Local SQL Injection Vulnerability
BID:23671
Info
| Bugtraq ID: | 23671 |
| Class: | Input Validation Error |
| CVE: | CVE-2007-2230 |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 26 2007 12:00AM |
| Updated: | May 02 2007 09:09PM |
| Credit: | Irene Abezgauz of Hacktics is credited with the discovery of this issue. |
| Vulnerable: | Computer Associates Unicenter Management Portal 3.1; Computer Associates Unicenter Management Portal 2.0; Computer Associates Unicenter Management Portal 11.0; Computer Associates Unicenter Database Management Portal 11.1; Computer Associates Unicenter Database Management Portal 11; Computer Associates Unicenter Asset Portfolio Management 11.0; Computer Associates eTrust Security Command Center 8; Computer Associates eTrust Security Command Center 1.0; Computer Associates CleverPath Portal 4.7; Computer Associates CleverPath Portal 4.71; Computer Associates CleverPath Portal 4.51; Computer Associates CleverPath Aion BPM 10.2; Computer Associates CleverPath Aion BPM 10.1; Computer Associates CleverPath Aion BPM 10; Computer Associates BrightStor Portal 11.1 |
| Not Vulnerable: | |
Discussion
Computer Associates CleverPath Portal is prone to a local SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
Exploiting this issue could allow an attacker to access potentially sensitive data that could aid in further attacks.
Exploit / POC
Attackers can use a browser to exploit this issue.
Solution / Fix
Solution:
The vendor has released a patch to address this issue. Please see the referenced advisory for more information.
References
References:
- Computer Associates Homepage (Computer Associates)
- CA CleverPath Portal SQL Injection Vulnerability (Williams, James K)
- Security Advisory: CA CleverPath SQL Injectio (Irene Abezgauz)
- CAID 35277: CA CleverPath Portal SQL Injection Vulnerability (Computer Associates)
- Security Advisory: CA CleverPath SQL Injection (Hacktics)