CA.TotalDefenseSuite.UNCWS.Multiple.SP.SQL.Injection
Description
This indicates an attack attempt against a Stored Procedure SQL Injection vulnerability in CA Total Defense Suite UNCWS.
The vulnerability is a result of the failure of some methods to properly sanitize user input parameters. It may allow an attacker to execute arbitrary commands on a vulnerable system by injecting arbitrary SQL statements into stored procedures.
Affected Products
CA Total Defense Suite r12 prior to r12 SE2.
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.
Recommended Actions
Apply the latest update from the vendor.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |