MS_SQL xp_cmdshell program execution
Code: p585
Severity: Warning
Description: This event is generated when a command is issued to an SQL database server that may result in a serious compromise of the data stored on that system.
Impact: Serious. An attacker may have gained administrator access to the system.
Corrective: Disallow direct access to the SQL server from sources external to the protected network.
Ensure that this event was not generated by a legitimate session, then investigate the server for signs of compromise.
Look for other events generated by the same IP addresses.