We're having sporadic issues with remote clients getting denied access to our portal, they don't even get a login prompt. We're running an SRA 4600 with SonicOS SSL-VPN 8.0.0.3-23sv but have see it on 8.0.0.1 as well.
Log entry:
WAF threat prevented: SQL Injection Attack 1
More Detail
Input-matched: _ga=ga1.2.676072112.1440205737; _dc_gtm_ua-21325736-1=1
Threat: SQL Injection Attack 1
Threat Id: 9005
Description: SQL Injection is an attack technique used to exploit web sites that construct SQL statements from user-supplied input
URI: remote.ncmic.com:443/
Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko