Miggo Logo

CVE-2017-9246: New Relic .NET Agent contains SQL Injection

9.8

CVSS Score
3.0

Basic Information

EPSS Score
0.48354%
Published
5/17/2022
Updated
10/24/2023
KEV Status
No
Technology
TechnologyC#

Technical Details

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Package NameEcosystemVulnerable VersionsFirst Patched Version
NewRelic.Agentnuget< 6.3.123.06.3.123.0

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stems from New Relic's handling of SQL queries in the Slow Queries feature, specifically the failure to escape quotes when reconstructing parameterized queries for execution plan analysis. However, the provided sources (CVE, GHSA, blog post) do not explicitly name specific functions or file paths in the NewRelic.Agent codebase. The exploit involves the agent's internal mechanism for appending raw SQL with unescaped values after SET SHOWPLAN_ALL ON, but without access to the original code, commit diffs, or patch details, we cannot identify exact function names or file locations with high confidence. The vulnerability is tied to the agent's query instrumentation logic for Slow Queries, likely in SQL command interception/rewriting components, but insufficient public code-level documentation prevents precise function identification.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

N*w R*li* .N*T ***nt ***or* *.*.***.* ***s SQL inj**tion *l*ws to s*** *ppli**tions vi* v**tors involvin* **ilur* to *s**p* quot*s *urin* us* o* t** Slow Qu*ri*s ***tur*, *s **monstr*t** *y * mis**n*l** quot* in * V*LU*S *l*us* o* *n INS*RT st*t*m*nt

Reasoning

T** vuln*r**ility st*ms *rom N*w R*li*'s **n*lin* o* SQL qu*ri*s in t** Slow Qu*ri*s ***tur*, sp**i*i**lly t** **ilur* to *s**p* quot*s w**n r**onstru*tin* p*r*m*t*riz** qu*ri*s *or *x**ution pl*n *n*lysis. *ow*v*r, t** provi*** sour**s (*V*, **S*, *