MS.IIS.Command.Shell.SQL.Injection
Description
It indicates a potential SQL injection attack via xp_cmdshell access.
Some web servers may be exposed to certain SQL injection attacks that allow attackers to compromise a vulnerable database by sending it specially-crafted URLs.
Affected Products
Any unprotected web server that does not properly sanitize user input on possible SQL injection is vulnerable.
Impact
Attackers can execute SQL commands and compromise the database on the victim system.
Recommended Actions
Apply appropriate patches or Upgrade the system to the latest non-vulnerable
version.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |