HP.Data.Protector.RequestCopy.SQL.Injection
Description
This indicates an attack attempt to exploit a SQL Injection vulnerability in HP Data Protector.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application. As a result, a remote attacker can send a crafted query to execute SQL commands on a vulnerable server.
Affected Products
HP Data Protector for Personal Computers 7.0 and earlier versions.
HP Data Protector Notebook Extension 6.20 and earlier versions.
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply patch available from the website:
https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c03058866&ac.admitted=1321021660321.876444892.199480143
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |