Apache.SkyWalking.GraphQL.Protocol.SQL.Injection
Description
This indicates an attempt to exploit an SQL injection vulnerability in Apache Software Foundation SkyWalking.
The vulnerability is due to insufficient validation of user-supplied input in metadata queries made through the GraphQL protocol. A remote attacker could exploit this vulnerability by sending malicious requests to a vulnerable Apache SkyWalking server. Successful exploitation could result in execution of arbitrary SQL code and lead to information disclosure.
Affected Products
Apache Software Foundation SkyWalking 6.0.0 to 6.6.0
Apache Software Foundation SkyWalking 7.0.0
Impact
System Compromise: Remote attackers can add, view, delete or modify data in the database of the affected application.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://github.com/apache/skywalking/pull/4639
Coverage
IPS (Regular DB)
IPS (Extended DB)
Version Updates
Date | Version | Detail |
---|---|---|
2021-01-13 | 16.997 | Sig Added |
2020-12-02 | 16.972 | Default_action:pass:drop |
2020-10-22 | 16.948 |