SOI XP_CMD_SHELL vulnerability
search cancel

SOI XP_CMD_SHELL vulnerability

book

Article ID: 376374

calendar_today

Updated On:

Products

CA Service Operations Insight (SOI)

Issue/Introduction

The security team picked a security flag that increases risk exposure as it allows for the execution of operating system commands from within SQL queries caused by the XP_CMD_SHELL parameter enabled. 

Does the SOI database need XP_CMD_SHELL to be enabled? 

Environment

SOI 4.2.X

Resolution

SOI db does not need the XP_CMD_SHELL - it can be safely disabled.

Powered by Wolken Software