Azure Web Application Firewall
An Azure service that provides protection for web apps.
278 questions
Understanding Discrepancy in WAF Detection: Sending Data as 積極性 but Matched as Mu' in SQL Injection Attack Error
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(304, 57.99999999999999%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENN%3C/text%3E%3C/svg%3E)
Nguyễn Đức Duy
0
Reputation points
Hello Team,
I'm encountering an issue with the WAF Microsoft_DefaultRuleSet-2.1-MS-ThreatIntel-SQLI-99031001. When submitting a form using the POST method, specifically at the input [evaluationSheetModel.majorListModels[5].middleListModel.minorListModel.name], the value being sent is 積極性.
However, I'm receiving the following error:
[{""matchVariableName"":""PostParamValue:evaluationSheetModel.majorListModels[5].middleListModel.minorListModel.name"",""matchVariableValue"":""Mu'""}]"SQL Injection Attack: Common Injection Testing Detected,Matched Data: Mu' found within PostParamValue:evaluationSheetModel.majorListModels[5].middleListModel.minorListModel.name: Mu'
The data being sent is 積極性, but the matched data in the error message is Mu'.
Could you please assist me in understanding this discrepancy?
Thank you
{count} votes
-
GitaraniSharma-MSFT 47,676 Reputation points Microsoft Employee2024-04-01T13:03:11.02+00:00 Hello @Nguyễn Đức Duy ,
Welcome to Microsoft Q&A Platform. Thank you for reaching out & hope you are doing well.
I understand that you are encountering an issue with the WAF Microsoft_DefaultRuleSet-2.1-MS-ThreatIntel-SQLI-99031001, when submitting a form using the POST method but the data sent is different than the matched data in the error message. So, you would like to understand why there is a discrepancy in the WAF log.
Without actually checking the complete WAF log, it is not possible to share any inputs on your query.
To troubleshoot the exact issue here, we will need a specialized 1:1 session, where a support engineer can have a screen share session to pinpoint the issue. So, if you have a support plan, I request you file a support ticket, else please do let us know, we will try and help you get a one-time free technical support.
In case you need help with a one-time free technical support, I would request you to check the private message and provide the requested details.
Regards,
Gita
-
GitaraniSharma-MSFT 47,676 Reputation points Microsoft Employee
2024-04-04T16:17:31.61+00:00 @Nguyễn Đức Duy , could you please provide an update on this post?
In case you need help with a one-time free technical support, please check the private message and provide the requested details.
Sign in to comment