- Suhas Shravagi
- PowerBuilder
- Tuesday, 2 June 2020 10:50 AM UTC
Hi, I have a desktop application developed in PowerBuilder 2017 R3 with Sybase as a backend. Recently a vulnerability issue has been reported in the application where "the application does not implement encryption during transmission of data. This exposes the application to Man in the middle attacks and facilitates unauthorized exposure and modification of data transmitted between the client and the server. The database is transferring PII unencrypted." This has been reported when Retrieve() function of any datawindow is triggered.
The question is how to enforce the security on data transmission between database and client? Do we need to set any parameter for SQLCA.dbParm while connecting to database so that the communication will be in encrypted format? SQLCA.DBParm="Encrypt=1" is the property that works with SQL Server, but not sure whether it will work for Sybase database.
Please help.
--Thanks,
Suhas.
Find Questions by Tag
Helpful?
If a reply or comment is helpful for you, please don’t hesitate to click the Helpful button. This action is further confirmation of their invaluable contribution to the Appeon Community.