PHP : Unsafe database access control
Classification
OWASP Top 10 2013: A1-Injection; A4-Insecure Direct Object References; A7-Missing Function Level Access Control
OWASP Top 10 2017: A1-Injection; A5-Broken Access Control
OWASP Top 10 2021: A3-Injection; A1-Broken Access Control
OWASP ASVS: Access Control; Authentication
PCI DSS 4.0: 6.2.4; 7.2.6
HIPAA: §164.312 (a)(1); §164.312 (d)
CWE: CWE-284; CWE-287; CWE-306; CWE-862; CWE-1027; CWE-1030; CWE-1033
CWE/SANS Top 25 2011: CWE-306; CWE-862
CWE/SANS Top 25 2021: CWE-287; CWE-306; CWE-862
Overview
When a SQL query is executed with a primary key taken from an untrusted source (a query-string or form parameter, a cookie, a JSON body) and the application does not check that the current user is allowed to see the referenced row, an attacker can read or modify database entries that belong to other users simply by changing the key.
Broken Access Control takes fifth place in the OWASP Top 10 2017 ranking of web application vulnerabilities, and first place in the 2021 edition.
A vulnerability caused by insecure direct object references lets an authenticated user of the web application gain unauthorized access to privileged functions and data. If the application code implements access to information objects (files, directories, database keys) without an authorization check, or implements that check incorrectly, a user who lacks the required privileges can bypass the protection the application is supposed to enforce. Exploiting this vulnerability, the user changes a parameter value so that it refers directly to an object they are not permitted to access.
Note that this is a distinct weakness from SQL injection: a query that uses prepared statements correctly is still vulnerable if the key it binds is never checked against the current user's privileges. Both the injection and the missing authorization check have to be fixed.
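The following PHP script is an added example, not code from the original page: it puts a lookup that trusts a request-supplied primary key (with the key interpolated into the SQL string, so it carries both the IDOR and an injection) next to a hardened version that validates the key, binds it as a parameter and scopes the query to the authenticated user. The `invoices` table, its columns and the user ids are constructed sample data so the script runs offline against an in-memory SQLite database.

```php
<?php
// Added example (not from the original page). The invoices table, its columns
// and the user/invoice ids below are assumptions constructed for illustration.
declare(strict_types=1);

function openDb(): PDO
{
    // In-memory SQLite with constructed sample rows so the script runs offline.
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec('CREATE TABLE invoices (id INTEGER PRIMARY KEY, owner_id INTEGER NOT NULL, amount INTEGER NOT NULL)');
    // Invoice 1 belongs to user 100, invoice 2 belongs to user 200.
    $pdo->exec('INSERT INTO invoices (id, owner_id, amount) VALUES (1, 100, 250), (2, 200, 999)');
    return $pdo;
}

// VULNERABLE: the primary key comes straight from the request, is interpolated
// into the SQL string (injection) and is never checked against the current
// user (insecure direct object reference). Any user can fetch any invoice.
function fetchInvoiceVulnerable(PDO $pdo, string $id): ?array
{
    $row = $pdo->query("SELECT id, owner_id, amount FROM invoices WHERE id = $id")
               ->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// HARDENED: reject anything that is not a positive integer, bind the key as a
// parameter, and let the database enforce ownership by adding the current
// user to the WHERE clause. A row that exists but is not owned by the caller
// and a row that does not exist both come back as null, so the response does
// not reveal which ids are in use.
function fetchInvoiceSafe(PDO $pdo, int $currentUserId, string $rawId): ?array
{
    $id = filter_var($rawId, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        return null;
    }
    $stmt = $pdo->prepare('SELECT id, owner_id, amount FROM invoices WHERE id = :id AND owner_id = :owner');
    $stmt->execute([':id' => $id, ':owner' => $currentUserId]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

$pdo = openDb();
$currentUser = 100; // session user: owns invoice 1 only

// Tampered parameter: the user asks for invoice 2, which belongs to user 200.
var_dump(fetchInvoiceVulnerable($pdo, '2'));
var_dump(fetchInvoiceSafe($pdo, $currentUser, '2'));

// Legitimate request for the user's own invoice.
var_dump(fetchInvoiceSafe($pdo, $currentUser, '1'));

// Injection payload: shows that the vulnerable query does not even need a
// valid key, while the hardened version rejects it at validation time.
var_dump(fetchInvoiceVulnerable($pdo, '0 OR 1=1'));
var_dump(fetchInvoiceSafe($pdo, $currentUser, '0 OR 1=1'));
```

Run it with `php example.php` (requires the `pdo_sqlite` extension, which ships with most PHP builds). The vulnerable function returns the other user's row for both the tampered id and the injection payload; the hardened function returns data only for the invoice owned by user 100. The ownership condition belongs in the query itself rather than in a PHP check after the fetch: that keeps the data the application never had a right to read out of memory and logs, and it is harder to forget on a new code path.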