SQL Server is a relational database management system introduced by Microsoft Corporation. The extended stored procedure xp_cmdshell of SQL Server is used to run system commands. The xp_cmdshell option enables system administrators to control whether to spawn a Windows command shell and pass it in a string for execution. Any output is returned as rows of text.
Malicious users sometimes attempt to elevate their privileges by using xp_cmdshell to run system commands.
Rule-based defense: Cloud Firewall has been able to defend against remote command execution through SQL Server xp_cmdshell.
Scope of impact: Microsoft SQL Server
Rule type: Command execution
Risk level: High