HTTP: SQL Injection Detected on HTTP Request Variable 4

This signature detects specific characters, typically used in SQL procedures, within an HTTP connection. Because these characters are not normally used in HTTP, their presence can indicate a SQL injection attack through a procedure. However, a match can be a false positive. To reduce false positives, it is strongly recommended that these signatures be used only to inspect traffic from the Internet to your organization's web servers that use SQL backend databases to generate content, and not to inspect traffic going from your organization to the Internet.

Extended Description

SQL injection vulnerability in the LinkViewFetchServlet servlet in ManageEngine Desktop Central (DC) and Desktop Central Managed Service Providers (MSP) edition before 9 build 90043, Password Manager Pro (PMP) and Password Manager Pro Managed Service Providers (MSP) edition before 7 build 7003, IT360 and IT360 Managed Service Providers (MSP) edition before 10.3.3 build 10330, and possibly other ManageEngine products, allows remote attackers or remote authenticated users to execute arbitrary SQL commands via the sv parameter to LinkViewFetchServlet.dat.

Affected Products

Manageengine desktop_central

References

BugTraq: 71002 71509 69305

CVE: CVE-2011-1556

Short Name
HTTP:SQL:INJ:REQ-VAR-4
Severity
Minor
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
4 CVE-2010-4993 CVE-2010-4994 CVE-2011-1556 CVE-2012-1777 CVE-2014-3996 CVE-2014-7867 CVE-2014-7868 Detected HTTP Injection Request SQL Variable bid:69305 bid:71002 bid:71509 on
Release Date
04/08/2015
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3761
False Positive
Rarely
Vendors

Manageengine

CVSS Score

7.5

6.8
