10 Replies Latest reply on May 25, 2016 3:06 PM by eric

Database Design Report (DDR) Exposes ODBC Data Sources Passwords

eric

Product and version: FileMaker Pro Advanced 15, 14...

OS and version: OS X 10.11.4

Description:

Generating an HTML Database Design Report (DDR) will expose passwords stored in ODBC Data Sources in the report.

Note: The DDR does not expose user name or password for Import Records [ ODBC Data Source:] script steps. However, exposing the user name should be a desired expectation, allowing us to use the DDR to audit accounts in scripts. The user name and password should appear just as they do in the Accounts section of the report.

Expected Result:

FileMaker Pro Advanced should be securing ODBC Data Source passwords as well as it secures its own local passwords—never exposing the passwords under any circumstance. Exposing the user name, on the other hand, is a desired expectation, allowing us to use the DDR to audit accounts in ODBC data sources. The user name and password should appear just as they do in the Accounts section of the report.

How to replicate:

Generate a full HTML Database Design Report (DDR) or a report that includes Data Sources in the report.

Workaround: Don't include Data Sources in the DDR.

Urgency: I would think of this as a relatively urgent security issue, since FileMaker Pro Advanced is not merely exposing its own system, but exposing the external data sources to which it might have very privileged access.
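A practical check for the problem the post describes is to scan a generated DDR for credential material before it is shared or archived, and to redact it if the Data Sources section could not be left out. The following is an added example, not code from the post or from FileMaker; the HTML fragment is a constructed stand-in for a DDR "Data Sources" section (the real report layout is not shown on this page and is assumed here), while `PWD=` and `Password=` are the standard ODBC connection-string password keywords the scanner looks for.

```python
import re

# Constructed sample loosely modelled on a DDR "Data Sources" section.
# It is NOT real FileMaker Pro Advanced output; the table layout and
# column names are assumptions made for this example.
SAMPLE_DDR_HTML = """\
<h2>External Data Sources</h2>
<table>
<tr><th>Name</th><th>Type</th><th>Details</th></tr>
<tr><td>Warehouse</td><td>ODBC</td><td>DSN=WarehouseDSN;UID=fm_reader;PWD=s3cretValue</td></tr>
<tr><td>CRM</td><td>ODBC</td><td>DSN=CRM_DSN;UID=crm_svc;Password=AnotherOne!</td></tr>
<tr><td>Archive</td><td>FileMaker</td><td>file:Archive.fmp12</td></tr>
</table>
"""

# ODBC connection-string password keywords; the value runs up to the next
# separator (';'), whitespace, or the start of an HTML tag.
PASSWORD_KEYWORD_RE = re.compile(r"(?i)\b(pwd|password)\s*=\s*([^;\s<]+)")
TAG_RE = re.compile(r"<[^>]+>")


def mask(secret):
    """Keep only the first character so a finding is identifiable without re-leaking it."""
    return secret[:1] + "*" * (len(secret) - 1)


def scan_report(html):
    """Return one finding per password occurrence, with line number, keyword and masked value."""
    findings = []
    for lineno, line in enumerate(html.splitlines(), 1):
        text = TAG_RE.sub(" ", line)  # strip tags so values are not glued to markup
        for m in PASSWORD_KEYWORD_RE.finditer(text):
            findings.append({"line": lineno, "keyword": m.group(1), "masked": mask(m.group(2))})
    return findings


def redact_report(html):
    """Replace every password value with a placeholder so the report can be circulated."""
    return PASSWORD_KEYWORD_RE.sub(lambda m: m.group(1) + "=[REDACTED]", html)


if __name__ == "__main__":
    for f in scan_report(SAMPLE_DDR_HTML):
        print(f"line {f['line']}: {f['keyword']}={f['masked']}")
    print(redact_report(SAMPLE_DDR_HTML))
```

The scanner reports where a credential appears without printing it in full, which keeps the audit output itself from becoming a second copy of the leak; `redact_report` is the fallback when a report that already contains Data Sources has to be kept. Running it against a real DDR should be treated as a heuristic: it only catches the standard ODBC keywords, so a report that renders passwords in some other form would need an additional pattern.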