CWE-943 Detail

The product generates a query intended to access or manipulate data in a data store such as a database, but it does not neutralize or incorrectly neutralizes special elements that can modify the intended logic of the query.

Modes Of Introduction

Implementation : REALIZATION: This weakness is caused during implementation of an architectural security tactic.

Piattaforme applicabili

Linguaggio

Class: Not Language-Specific (Undetermined)

Conseguenze comuni

Esempi osservati

Detection Methods

Automated Static Analysis

Automated static analysis, commonly referred to as Static Application Security Testing (SAST), can find some instances of this weakness by analyzing source code (or binary/compiled code) without having to execute it. Typically, this is done by building a model of data flow and control flow, then searching for potentially-vulnerable patterns that connect "sources" (origins of input) with "sinks" (destinations where the data interacts with external components, a lower layer such as the OS, etc.)
Effectiveness : High

Note sulla mappatura delle vulnerabilità

Giustificazione : This CWE entry is a Class and might have Base-level children that would be more appropriate
Commento : Examine children of this entry to see if there is a better fit

Pattern di attacco correlati

Note

It could be argued that data query languages are effectively a command language - albeit with a limited set of commands - and thus any query-language injection issue could be treated as a child of CWE-74. However, CWE-943 is intended to better organize query-oriented issues to separate them from fully-functioning programming languages, and also to provide a more precise identifier for the many query languages that do not have their own CWE identifier.

Riferimenti

REF-1454

NoSQL injection
PortSwigger.
https://portswigger.net/web-security/nosql-injection

REF-1455

A Pentester's Guide to NoSQL Injection
The SecOps Group.
https://secops.group/a-pentesters-guide-to-nosql-injection/

Invio

Modifiche