Intrusion Prevention

Oracle.XML.DB.SID.Brute.Force

Description

This indicates detection of a Brute Force attack on Oracle XML DB httpd server.
A remote attacker can send multiple "GET" request login attempts based on a default password list, in an attempt to gain access. Detection is triggered when the brute force attack runs at a rate of about 300 times in 10 seconds.

Affected Products

Oracle XML DB httpd server.

Impact

Impact of a successful attack could vary, with the worse case being a system compromise.

Recommended Actions

Adjust the threshold to your network.
Monitor the traffic from that network for any suspicious activity.