CQE-9003: SQL Command Execution

 
SQL Command Execution
Practice ID: 9003 Maturity: Preliminary
+ Description

Description Summary

SQL Command Control

Extended Description

Software unaware of SQL command control incurs the risk of unauthorized read, modify, and delete access to sensitive data.

+ Relationships
NatureTypeIDNameView(s) this relationship pertains to
View
CanPrecede
Co
Consequence
9152Unauthorized Access to Sensitive Information
Default Graph (primary)9001
ParentOf
Is
Issue
89SQL Injection Improper Input Neutralization
Quality Issues Organized by Practices (primary)9002
Page Last Updated or Reviewed: October 01, 2017