Intrusion Prevention

Apache.SkyWalking.GraphQL.Protocol.SQL.Injection

Description

This indicates an attack attempt to exploit an SQL Injection vulnerability in Apache Software Foundation SkyWalking.
The vulnerability is due to insufficient validation of user-supplied input in metadata queries made through the GraphQL protocol. A remote attacker could exploit this vulnerability by sending malicious requests to a vulnerable Apache SkyWalking server. Successful exploitation could result in the execution of arbitrary SQL code and lead to information disclosure.

Affected Products

Apache Software Foundation SkyWalking 6.0.0 to 6.6.0
Apache Software Foundation SkyWalking 7.0.0

Impact

System Compromise: Remote attackers can add, view, delete or modify data in the database of the affected application.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
https://github.com/apache/skywalking/pull/4639

CVE References

CVE-2020-9483