450 – Blind-based SQL injection

Description

In a blind SQL injection attack, an attacker sends queries to the server that ask the database true or false questions. Although the application does not directly display the results, the system's behavior or response allows the attacker to infer whether the injection was successful. This type of attack takes advantage of situations where detailed error messages are hidden, but the vulnerable code has not been properly secured, enabling sensitive information to be extracted indirectly.

Impact

- Allow an attacker to interfere with the queries that an application makes to its database. - Retrieve information from the database an even extract data. - Affect the authentication and authorization aspects of the application. - Steal sensitive information stored in databases.

Recommendation

- Use of prepared statements (with parameterized queries). - Use of stored procedures. - Enforcing the least privilege.

Threat

Anonymous attacker from an intranet.

Expected Remediation Time

60 minutes.

Score 4.0

Default score using CVSS 4.0. It may change depending on the context of the src.

Base 4.0

Attack vector: N
Attack complexity: L
Attack Requirements: N
Privileges required: N
User interaction: N
Confidentiality (VC): L
Integrity (VI): L
Availability (VA): L
Confidentiality (SC): N
Integrity (SI): N
Availability (SA): N