The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

computer vulnerability bulletin CVE-2012-4949

ArcGIS Web Server: SQL injection

Synthesis of the vulnerability

An attacker can use the REST interface of the ArcGIS web server, to inject SQL commands, in order to read or alter data.
Vulnerable systems: ArcGIS ArcView, ArcGIS for Desktop, ArcGIS for Server.
Severity of this threat: 2/4.
Consequences of an attack: data reading, data creation/edition.
Attacker's origin: intranet client.
Creation date: 12/11/2012.
References of this weakness: BID-56474, CVE-2012-4949, NIM084249, VIGILANCE-VUL-12128, VU#795644.

Description of the vulnerability

The ArcGIS web server has a REST interface, which is reachable on port 6080/tcp, so that users can remotely query the service.

The "where" parameter of the "query" operation filters the returned records. However, this parameter is not filtered before being inserted into a SQL query.

An attacker can therefore use the REST interface of the ArcGIS web server, to inject SQL commands, in order to read or alter data.
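The defensive pattern this class of bug calls for, as an added example that is not Esri's or Vigil@nce's code: instead of concatenating a client-supplied "where" filter into SQL text, compile it against a restricted grammar (AND/OR chains of field-operator-literal predicates over an allowlist of field names) and pass every literal as a bound parameter. The field names, table and rows are constructed for the example.

```python
import re
import sqlite3

# Fields the layer exposes for filtering (assumed names for this example).
ALLOWED_FIELDS = {"objectid", "state", "population"}

# One simple predicate: <field> <op> <number | 'string'>.
_PRED = re.compile(
    r"^\s*([A-Za-z_][A-Za-z0-9_]*)\s*(=|<>|<=|>=|<|>)\s*"
    r"(-?\d+(?:\.\d+)?|'(?:[^']|'')*')\s*$"
)


def compile_where(where: str):
    """Translate a REST 'where' filter into (sql_fragment, params).

    Only AND/OR chains of simple predicates are accepted; comments,
    semicolons, subqueries and functions do not match the grammar and
    raise ValueError, so client text never becomes part of the SQL itself.
    """
    parts = re.split(r"\s+(AND|OR)\s+", where.strip(), flags=re.IGNORECASE)
    sql, params = [], []
    for i, part in enumerate(parts):
        if i % 2 == 1:                      # captured AND / OR connector
            sql.append(part.upper())
            continue
        m = _PRED.match(part)
        if not m or m.group(1).lower() not in ALLOWED_FIELDS:
            raise ValueError(f"rejected where fragment: {part!r}")
        field, op, value = m.group(1).lower(), m.group(2), m.group(3)
        if value.startswith("'"):           # string literal; undo '' escaping
            params.append(value[1:-1].replace("''", "'"))
        else:
            params.append(float(value) if "." in value else int(value))
        sql.append(f"{field} {op} ?")       # value travels as a bound parameter
    return " ".join(sql), params


def sample_db():
    """In-memory table with constructed rows standing in for a feature layer."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE cities (objectid INTEGER, state TEXT, population INTEGER)")
    conn.executemany("INSERT INTO cities VALUES (?, ?, ?)",
                     [(1, "CA", 3900), (2, "CA", 800), (3, "OR", 650), (4, "WA", 7500)])
    return conn


def query_layer(conn, where: str):
    """Run the compiled filter as a parameterized query; returns objectids."""
    fragment, params = compile_where(where)
    rows = conn.execute(f"SELECT objectid FROM cities WHERE {fragment} ORDER BY objectid", params)
    return [r[0] for r in rows]
```

A filter that does not fit the grammar (a trailing statement, a comment marker, a numeric tautology, an unknown field) is rejected before any database call, so the rejection itself is also a useful log event for detection.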
