SQL Server is a relational database management system introduced by Microsoft Corporation. The extended stored procedure xp_cmdshell of SQL Server is used to run system commands. The xp_cmdshell option enables system administrators to control whether to spawn a Windows command shell and pass it in a string for execution. Any output is returned as rows of text.

Malicious users sometimes attempt to elevate their privileges by using xp_cmdshell to run system commands.

Rule-based defense: Cloud Firewall has been able to defend against remote command execution through SQL Server xp_cmdshell.

Scope of impact: Microsoft SQL Server

Rule type: Command execution

Risk level: High