Authorization / Database Connection String Disclosed
Description
Database connection string disclosed (CWE-209) is a vulnerability that occurs when a database connection string, including credentials such as a password, is disclosed in a web or API application or within the infrastructure. This can allow an attacker to gain access to the database and the sensitive information stored within it. Furthermore, the OWASP Testing Guide identifies Database Connection Strings Disclosure as one of the top 10 most critical web security risks.
Risk
The risk of this vulnerability is high, as an attacker could gain access to the database and its sensitive information. This could lead to the compromise of confidential data and, in turn, to financial, reputational, and legal damage.
Solution
The best way to mitigate this vulnerability is to ensure that database connection strings are not stored in plain text. Instead, they should be stored in an encrypted or hashed format. It is also important to store the connection strings in a secure location, such as an environment variable or a configuration file outside of the webroot. Additionally, access to the configuration files should be restricted to a limited number of personnel.
Example
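// Insecure example: the password is hardcoded in plain text in the source file
$password = 'example-password'; // constructed placeholder value
$con = new mysqli($host, $user, $password, $db);
// Secure example: the password is read from an environment variable at runtime
$con = new mysqli($host, $user, getenv('DB_PASSWORD'), $db);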
The insecure example stores the password in plain text, while the secure example retrieves the password from an environment variable, which is more secure.
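Building on the example above, the following code reads every connection setting from the environment and keeps connection failures out of the HTTP response, which is the CWE-209 side of this issue. It is an added example, not code from the original page; the function names requireEnv and openDatabase and the variable names DB_HOST, DB_USER and DB_NAME are assumptions (only DB_PASSWORD appears above).

```php
<?php
declare(strict_types=1);

// Added example. requireEnv/openDatabase and DB_HOST, DB_USER, DB_NAME are
// assumed names; only DB_PASSWORD comes from the page.

// Keep PHP from rendering errors (and the values they mention) to the client.
ini_set('display_errors', '0');

// Read a required setting from the environment and fail closed if it is absent.
function requireEnv(string $name): string
{
    $value = getenv($name);
    if ($value === false || $value === '') {
        // The server log gets the variable name only, never a value.
        error_log("Missing required environment variable: {$name}");
        throw new RuntimeException('Database configuration is incomplete.');
    }
    return $value;
}

function openDatabase(): mysqli
{
    // Raise exceptions instead of PHP warnings that could reach the response.
    mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);
    try {
        return new mysqli(
            requireEnv('DB_HOST'),
            requireEnv('DB_USER'),
            requireEnv('DB_PASSWORD'),
            requireEnv('DB_NAME')
        );
    } catch (mysqli_sql_exception $e) {
        // The driver's message names the user and host, so log only the
        // numeric error code and do not chain the original exception.
        error_log('Database connection failed, errno=' . $e->getCode());
        throw new RuntimeException('Database unavailable.');
    }
}

try {
    $con = openDatabase();
} catch (RuntimeException $e) {
    // The client sees a generic message; details stay in the server log.
    http_response_code(500);
    echo 'Internal server error.';
    exit;
}
```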