virus logo Intrusion Prevention

Web.Service.SAX.Injection

description-logoDescription

This indicates an attack attempt to exploit a SAX-injection vulnerability in Web Services which communicate through the use of SOAP requests.
The vulnerability is a result of the application's failure to properly sanitize user input before using it in web services. As a result, a remote attacker can send a crafted request to execute a function defined in the web service definition language (WSDL) file.

affected-products-logoAffected Products

All web application environments are susceptible to SAX injection.

Impact logoImpact

System compromise

recomended-action-logoRecommended Actions

The signature can be enabled to block this traffic.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2020-12-02 16.972
ID 17700
Created Sep 15, 2009
Updated Dec 01, 2020
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
Default Action drop
Active
Affected OS Windows, Linux
Affected App Other