Skip to main content

SQL injection - Java Persistence API

Description#

Dynamic SQL statements are generated without the required data validation and without using parameterized statements or stored procedures. When using LIKE-conditions with values that are coming from a not secure source in the Java Persistence API, the values should be sanitized so they can’t contain any wildcards and thereby allow attackers to select more data than they should be able to. For this purpose the escape(String) method is available.

Impact#

Extract sensitive information from the Database

Recommendation#

Perform queries to the database through sentences or parameterized procedures. Alternatively use escape(String) built-in function.

Threat#

Authenticated attacker from the Internet.

Score#

Default score using CVSS 3.1. It may change depending on the context of the vulnerability.

Base#

  • Attack vector: N
  • Attack complexity: L
  • Privileges required: N
  • User interaction: N
  • Scope: U
  • Confidentiality: N
  • Integrity: N
  • Availability: N

Temporal#

  • Exploit code madurity: X
  • Remediation level: X
  • Report confidence: X

Result#

  • Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N/E:X/RL:X/RC:X
  • Score:
    • Base: 0.0
    • Temporal: 0.0
  • Severity:
    • Base: None
    • Temporal: None

Requirements#