Intrusion Prevention

CA.Total.Defense.Suite.UNCWS.ExportReport.SQL.Injection

Description

This indicates an attack attempt against a SQL Injection vulnerability in CA Total Defense Suite UNC Management Console.
The vulnerability is due to insufficient sanitization of the request parameters in a stored procedure. An attacker can exploit this by sending a specially crafted SOAP request to the target on port 34444 for HTTP and 34443 for
HTTPS. Successful attacks may allow an attacker to inject arbitrary SQL commands. Any injected SQL commands will run with DBA privileges.

Affected Products

CA Total Defense Suite prior to R12 SE3

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Currently we are not aware of any vendor supplied patches.