Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Nagesh_Aithal
Explorer

SQL Servers SQL Injection Evasion Techniques

Hi,

 

We have received a below signature triggered in our environment.

 

Can anyone suggest the cause for this?

 

Resource:                 http://<URL>
Product Family:         Network
Time:                         13:34:38
Source Port:               64698
Date:                         29Oct2019
Type:                         Log
Interface:                   xxx
Service:                     http (80)
Origin:                       FW
Action:                       Detect
Number:                    11299748
Source:                     x.x.x.x
Protocol:                   tcp
Reject ID:                   5db7cf6d-44-3016e0a-c0000000
Information:               Update Version: 635197066
Rule UID:                  
Destination:               x.x.x.x
Rule:                         xxxx
Rule Name:               xxxxxx
Attack Information:     SQL Servers SQL Injection Evasion Techniques
Attack:                       Application Intelligence
IPS Profile:                xxxxx
Product:                     IPS Software Blade
Performance Impact: Medium
Protection Name:       SQL Servers SQL Injection Evasion Techniques
Protection ID:             asm_dynamic_prop_SQL_INJECT_EVS_A
Confidence Level:     High
Severity:                   Critical
Protection Type:       Signature
Industry Reference:   None
Proxied Source IP:     
Client Type:               Chrome
Policy Info:                 Policy Name: Policy1
                                  Created at: Thu Oct 24 16:45:50 2019
                                  Installed from: Management

 

 

Regards,

Santhosh

1 Reply
PhoneBoy
Admin
Admin

If you've got packet captures enabled for this signature and submit them to TAC, we should be able to confirm why it is triggering.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events