Abstraction: Variant, Status: Incomplete

CWE-564 SQL Injection: Hibernate

Category: injection

Description

Using Hibernate to execute a dynamic SQL statement built with user-controlled input can allow an attacker to modify the statement's meaning or to execute arbitrary SQL commands.

Common consequences (1)

  • Confidentiality / Integrity — Read Application Data, Modify Application Data

Potential mitigations (5)

  • [Requirements] A non-SQL style database which is not subject to this flaw may be chosen.
  • [Architecture and Design] Follow the principle of least privilege when creating user accounts in a SQL database. Users should only have the minimum privileges necessary to use their account. If the requirements of the system indicate that a user can read and modify their own data, then limit their privileges so they cannot read or write others' data.
  • [Architecture and Design] For any security checks that are performed on the client side, ensure that these checks are duplicated on the server side, in order to avoid CWE-602. Attackers can bypass the client-side checks by modifying values after the checks have been performed, or by changing the client to remove the client-side checks entirely. The modified values would then be submitted to the server.
  • [Implementation] Implement SQL strings using prepared statements that bind variables. Prepared statements that do not bind variables can be vulnerable to attack.
  • [Implementation] Use vigorous allowlist-style checking on any user input that may be used in a SQL command. Rather than escaping meta-characters, it is safest to disallow them entirely. Reason: later use of data that has been entered in the database may neglect to escape meta-characters before use. Narrowly define the set of safe characters based on the expected value of the parameter in the request.
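The two [Implementation] mitigations applied to Hibernate, as an added example that is not part of the CWE entry: the concatenated HQL that carries the weakness, the same lookup with the value bound as a named parameter, and an allowlist for the one piece of input that cannot be bound (a sort property). It assumes Hibernate 6 with jakarta.persistence, an already-open Session, and a hypothetical User entity.

```java
import java.util.List;
import java.util.Set;

import jakarta.persistence.Entity;
import jakarta.persistence.Id;
import org.hibernate.Session;

// Hypothetical entity used by the lookups below (not from the CWE page).
@Entity
class User {
    @Id Long id;
    String name;
    java.time.Instant createdAt;
}

public class UserLookup {
    // Allowlist of sort keys; compared exactly, nothing is escaped.
    private static final Set<String> SORTABLE = Set.of("name", "createdAt");

    // CWE-564: the caller's value becomes part of the HQL text. A quote
    // inside 'name' ends the literal and the remainder is parsed as query syntax.
    static List<User> findByNameUnsafe(Session session, String name) {
        String hql = "from User u where u.name = '" + name + "'";
        return session.createQuery(hql, User.class).getResultList();
    }

    // Mitigation: constant HQL, value bound as a named parameter. Whatever
    // 'name' contains reaches the database as data, never as syntax.
    static List<User> findByName(Session session, String name) {
        return session.createQuery("from User u where u.name = :name", User.class)
                .setParameter("name", name)
                .getResultList();
    }

    // Identifiers such as the ORDER BY property cannot be bound as parameters,
    // so the allowlist the mitigations describe is the only safe option here.
    static List<User> findByNameSorted(Session session, String name, String sortBy) {
        if (!SORTABLE.contains(sortBy)) {
            throw new IllegalArgumentException("unsupported sort key: " + sortBy);
        }
        String hql = "from User u where u.name = :name order by u." + sortBy;
        return session.createQuery(hql, User.class)
                .setParameter("name", name)
                .getResultList();
    }
}
```

Note that a native query built the same way (session.createNativeQuery with concatenated SQL) has exactly the same weakness; binding parameters is the fix in both cases.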

Related CAPEC attack patterns (1)

  • CAPEC-109: Object Relational Mapping Injection

References

  1. https://cwe.mitre.org/data/definitions/564.html

Exploits (incoming) (1)

Type           | Target                                          | Confidence | Tier
Attack pattern | Object Relational Mapping Injection (capec-109) | 100%       | live

(incoming) (1)

Type          | Target                          | Confidence | Tier
Vulnerability | CVE-2025-8052 (cve-2025-8052)   | 0%         | live

Related by meaning (6)

Nearest entities by semantic similarity across the cs-graph corpus.

  • CVE: CVE-2026-0603
  • CVE: CVE-2025-23176
  • CWE: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
  • CAPEC: Object Relational Mapping Injection
  • CWE: J2EE Misconfiguration: Entity Bean Declared Remote
  • CAPEC: SQL Injection

Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.