In this article, we’ll address a handful of typical design flaws when you set up SQ, review risks associated with Insecure Design, as it relates to SQL, and share how secure design can help minimize your company’s risks while improving security posture.
As noted by OWASP, Insecure Design is a new category, introduced in 2021, and focuses on risks related to design and architectural flaws.
Insecure design flaws are failures to follow secure design and architecture best practices by developers, starting from the planning phase of the application. This is a broad category representing different security weaknesses collectively known as insecure design.
Insecure design in SQL can turn even well-coded applications into easy targets for attackers. Poorly planned schemas, excessive privileges, or missing access controls can amplify the impact of common vulnerabilities like SQL injection.
Design flaws often persist across an application’s lifecycle, making them harder to patch after deployment. Addressing these issues early reduces risk, limits attack surface, and improves overall database security posture.
Let’s explore some examples of Insecure Design.
On some databases, administrators set up application database users with administrative privileges. On such systems, attackers who exploit a database system vulnerability can:
That is not a secure design.
Secure design recommends that you configure the least privileges for application database users. To follow best practices for secure design:
With secure design, you can limit the impact of SQL injection to the privileges of the compromised user
An access control issue was found in the production application, where the attacker was able to access the superadmin dashboard and get access to the data of other users. The superadmin dashboard URL was guessed by the attacker, and due to missing access control, it granted full access to the superadmin account.
A detailed threat modelling could have pointed out this scenario where an application user could access a superadmin account. The threat model could also have recommended the developers implement strong access control, separating the superadmin area of the application from the user side.
Missing rate limiting in the coupon code in an e-commerce website leads to bots trying to brute-force the coupon codes, attracting unnecessary traffic, which leads to performance issues.
Since this was not anticipated during the design phase, there wasn’t any preventive control to avoid this. A secure design with an application firewall to protect any bot activity and a lockout mechanism could have avoided this issue.
In 2024, security researchers discovered a critical SQL injection vulnerability in FlyCASS, a third-party platform used by smaller airlines to access TSA's Known Crewmember (KCM) and Cockpit Access Security System (CASS). This flaw allowed unauthorized individuals to add fake pilots to airline rosters, potentially bypassing TSA security checks and gaining access to restricted areas, including cockpits.
The vulnerability stemmed from insecure design practices, such as improper input validation and lack of parameterized queries in the login system. Despite disclosing the issue to the Department of Homeland Security and the TSA, the researchers reported that their findings were ignored, and the TSA attempted to downplay the severity of the flaw.
This incident underscores the critical importance of secure design principles, including robust input validation and parameterized queries, to prevent SQL injection attacks and protect sensitive systems from exploitation.
Addressing insecure design in SQL is critical for protecting applications and sensitive data from exploitation. By following secure design principles, performing threat modeling, and enforcing proper access controls, organizations can reduce risk and strengthen their security posture.
Engaging experts, like the Cobalt Core, provides additional assurance by uncovering design flaws and vulnerabilities before attackers can exploit them. Learn more about how Cobalt excels in offering penetration testing services that delight engineering and security teams alike.