Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Nagesh_Aithal
Explorer

SQL Servers SQL Injection Evasion Techniques

Hi,

 

We have received a below signature triggered in our environment.

 

Can anyone suggest the cause for this?

 

Resource:                 http://<URL>
Product Family:         Network
Time:                         13:34:38
Source Port:               64698
Date:                         29Oct2019
Type:                         Log
Interface:                   xxx
Service:                     http (80)
Origin:                       FW
Action:                       Detect
Number:                    11299748
Source:                     x.x.x.x
Protocol:                   tcp
Reject ID:                   5db7cf6d-44-3016e0a-c0000000
Information:               Update Version: 635197066
Rule UID:                  
Destination:               x.x.x.x
Rule:                         xxxx
Rule Name:               xxxxxx
Attack Information:     SQL Servers SQL Injection Evasion Techniques
Attack:                       Application Intelligence
IPS Profile:                xxxxx
Product:                     IPS Software Blade
Performance Impact: Medium
Protection Name:       SQL Servers SQL Injection Evasion Techniques
Protection ID:             asm_dynamic_prop_SQL_INJECT_EVS_A
Confidence Level:     High
Severity:                   Critical
Protection Type:       Signature
Industry Reference:   None
Proxied Source IP:     
Client Type:               Chrome
Policy Info:                 Policy Name: Policy1
                                  Created at: Thu Oct 24 16:45:50 2019
                                  Installed from: Management

 

 

Regards,

Santhosh

0 Kudos
1 Reply
PhoneBoy
Admin
Admin

If you've got packet captures enabled for this signature and submit them to TAC, we should be able to confirm why it is triggering.
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events