DerScanner
Home / Vulnerability Database / T-SQL : Undocumented feature: network activity
T-SQL

T-SQL : Undocumented feature: network activity

Classification

OWASP ASVS
Malicious Code
PCI DSS 4.0
2.2.4
CWE
CWE-506CWE-510

Overview

The application initiates a connection with the hardcoded external server. If the address is not in the white list, this may indicate undocumented network activity.

Undocumented network activity may lead to a sensitive data exposure. Sensitive Data Exposure takes the third place in the OWASP Top 10 2017 web application vulnerabilities ranking.

References

  1. Backdoor (computing)
  2. The Art of the Backdoor
  3. CWE-506: Embedded Malicious Code
LOW

DerScanner Severity Score

Do you want to fix T-SQL : Undocumented feature: network activity in your application?

See also

T-SQL

T-SQL : Weak encryption algorithm

T-SQL

T-SQL : Weak hashing algorithm

T-SQL

T-SQL : Weak random number generator