Description
The software uses a database table that includes records that should not be accessible to an actor, but it executes a SQL statement with a primary key that can be controlled by that actor.
Modes of Introduction:
– Architecture and Design
Related Weaknesses
Consequences
Confidentiality, Integrity, Access Control: Read Application Data, Modify Application Data, Bypass Protection Mechanism
Potential Mitigations
Phase: Implementation
Description:
Assume all input is malicious. Use a standard input validation mechanism to validate all input for length, type, syntax, and business rules before accepting the data. Use an “accept known good” validation strategy.
Phase: Implementation
Description:
Use a parameterized query AND make sure that the accepted values conform to the business rules. Construct your SQL statement accordingly.
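The two mitigations above combined, as an added example that is not part of the original entry: the first lookup is parameterized but still lets the caller-supplied primary key alone select the row, while the second validates the key and also enforces the business rule (the row must belong to the authenticated user) inside the query. The messages table, its columns, the sample rows and all function names are hypothetical and constructed for illustration.

```python
import sqlite3

def make_db():
    """Build an in-memory database holding constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE messages ("
        "id INTEGER PRIMARY KEY, owner TEXT NOT NULL, body TEXT NOT NULL)"
    )
    db.executemany(
        "INSERT INTO messages (id, owner, body) VALUES (?, ?, ?)",
        [(1, "alice", "alice's note"), (2, "bob", "bob's note")],
    )
    return db

def get_message_weak(db, message_id):
    """Weak: parameterized (no injection), but any caller can name any key."""
    row = db.execute(
        "SELECT body FROM messages WHERE id = ?", (message_id,)
    ).fetchone()
    return row[0] if row else None

def parse_message_id(raw):
    """Accept known good: a short ASCII decimal string for a positive integer."""
    if not isinstance(raw, str) or not raw.isascii() or not raw.isdigit():
        raise ValueError("invalid message id")
    if len(raw) > 9 or int(raw) < 1:
        raise ValueError("invalid message id")
    return int(raw)

def get_message_scoped(db, session_user, raw_id):
    """Hardened: validate the key, then tie the row to the session's user.

    session_user must come from the authenticated session, never from the
    request, otherwise the owner check is as controllable as the key.
    """
    message_id = parse_message_id(raw_id)
    row = db.execute(
        "SELECT body FROM messages WHERE id = ? AND owner = ?",
        (message_id, session_user),
    ).fetchone()
    # A missing row and another user's row look the same to the caller.
    return row[0] if row else None
```

The same owner predicate belongs in UPDATE and DELETE statements keyed on the id, since the entry lists data modification among the consequences.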