APP: AIS logistics ESEL-Server Unauth SQL Injection

This signature detects attempts to exploit a known vulnerability against AIS logistics ESEL-Server. A successful attack can lead to command injection and arbitrary code execution.

Extended Description

SQL Injection in Advanced InfoData Systems (AIS) ESEL-Server 67 (which is the backend for the AIS logistics mobile app) allows an anonymous attacker to execute arbitrary code in the context of the user of the MSSQL database. The default user for the database is the 'sa' user.

References

CVE: CVE-2019-10123

Short Name: APP:MISC:AIS-LGISTC-ESEL-SQLINJ
Severity: Major
Recommended: False
Recommended Action: Drop
Category: APP
Keywords: AIS CVE-2019-10123 ESEL-Server Injection SQL Unauth logistics
Release Date: 06/25/2021

Supported Platforms

srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3

Sigpack Version: 3415
Port: TCP/5099
False Positive: Unknown
CVSS Score: 7.5
