Forum Discussion
Cirrocumulus[ASM] : SQL-INJ "end-quote UNION" - How to allow this signature to specific url/uri/parameter only
Hi Team ,
can someone explain me the attack type - end-quote UNION and the solution to allow this signature to specific url/uri/parameter only.
Attack Type : SQL-Injection
Detected Keyword : ,\"Valore\":\"UNION-GLASS0x20S.R.L.\"},{\&quo
Attack Signature : SQL-INJ "end-quote UNION" (Parameter)
Context : Parameter (detected in Form Data)
Parameter Level : Global
Parameter Value : \"ArrayValori\":null
3 Replies
Blue_whaleword UNION was not found in the decoded request or on the parameter value .
- Injeyan_Kostas
Nacreous
But this is the detection
,\"Valore\":\"UNION-GLASS0x20S.R.L.\"},{\&quo
- Injeyan_Kostas
You got this because the world UNION detected between quotes
Union is an SQL command so it match the signature
If you click the Accept button an exception will be automatically be created for the specific parameter.
Else you can manually create one under Security → Application Security → Parameters select you policy and create a parameter
Therre you can define the parameter name, the url and the attack signature you want to exclude.
