Database Vulnerabilities
Several issues can harm the security of your databases. The canonical list includes the following:
- Unauthenticated flaws in network protocols
- Authenticated flaws in network protocols
- Flaws in authentication protocols
- Unauthenticated access to functionality
- Arbitrary code execution in intrinsic SQL elements
- Arbitrary code execution in securable SQL elements
- Privilege escalation via SQL injection
- Local privilege escalation issues
4 Categories of Database Vulnerabilities
- Protocol Issues
- Unauthenticated Access
- Arbitrary Code Execution
- Privilege Escalation

Protocol Issues
Vulnerabilities might exist in the protocols used by any given database, including:
- the network protocols used to communicate with the database
- common software development vulnerabilities in those protocol implementations, like buffer overflows
- the protocols used to authenticate to the database
Protect against known protocol issues:
- use the latest database software updates
Protect against unknown protocol issues:
- limit access to database
- limit who is able to connect to the database
- limit the privileges and accounts for the database
Unauthenticated Access
If a database does not require authenticated credentials for access, attackers can gain access to the database without any credentials at all.
Always require credentials to authenticate access to a database.
Arbitrary Code Execution
Arbitrary code execution, also known as remote code execution when it is conducted over the network, is the ability of attackers to execute any commands they choose on a system, without restriction.
- Attackers can do this due to security flaws in SQL
- E.g., if an attacker gained access to the database, they can use the load_file and outfile functions to read from and write to the file system
- Defend against this by using current versions of software and using secure coding practices
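The file read/write risk above comes down to one grant: in MySQL, load_file and INTO OUTFILE only work for accounts holding the global FILE privilege, within whatever directory secure_file_priv allows. The following audit-and-hardening script is an added example, not part of the original notes; it assumes a MySQL 8.x server and an application account named 'app'@'%' (placeholder name).

```sql
-- Added example: audit and reduce the privilege that enables LOAD_FILE()
-- and SELECT ... INTO OUTFILE on a MySQL server. 'app'@'%' is a placeholder
-- account name; substitute the real application account.

-- 1. Which accounts hold the global FILE privilege? Only these can read or
--    write server files through SQL. Application accounts should not appear.
SELECT user, host
FROM mysql.user
WHERE File_priv = 'Y';

-- 2. Where may the server read/write files at all?
--    NULL   = import/export disabled entirely (strongest setting)
--    ''     = no restriction (weakest setting)
--    '/dir' = only inside that directory
SHOW VARIABLES LIKE 'secure_file_priv';
-- secure_file_priv is read-only at runtime; to disable file access set
-- secure_file_priv = NULL in the [mysqld] section of the option file
-- and restart the server.

-- 3. Least privilege: take the FILE privilege away from the application
--    account. REVOKE takes effect immediately for new sessions.
REVOKE FILE ON *.* FROM 'app'@'%';

-- 4. Confirm what the account can still do; it should be limited to the
--    tables and operations the application actually needs.
SHOW GRANTS FOR 'app'@'%';
```

Re-run step 1 after the revoke to confirm the account no longer appears; the same check belongs in a periodic configuration audit, since grants drift over time.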
Privilege Escalation
Privilege escalation attacks are those that increase your level of access above what you’re authorized to have on the system or application.
- can occur by:
- SQL injection
- failure to properly secure operating system