Products
In-IDE
IDE extension that lets you fix coding issues before they exist!
Discover SonarQube for IDE
SaaS
Setup is effortless and analysis is automatic for most languages
Discover SonarQube Cloud
Self-Hosted
Fast, accurate analysis; enterprise scalability
Discover SonarQube Server

C# static code analysis

Unique rules to find Bugs, Vulnerabilities, Security Hotspots, and Code Smells in your C# code

Connection strings should not be vulnerable to injections attacks

intentionality - complete

security

Vulnerability

Database connection strings control how an application connects to a database. They include information such as the location of the database, how to authenticate with the database, and how the connection should be secured.

The insertion of user-supplied values into a connection string can allow external control of these database connections.

Why is this an issue?

How can I fix it?

More Info

Connection strings contain a series of parameters that are structured as key/value pairs, similar to key1=value1;key2=value2.

If an attacker can control values that are inserted into the connection string, they may be able to insert additional parameters. These additional parameters can override values that were supplied earlier in the connection string.

What is the potential impact?

An attacker can use specially-crafted values to change how the database connection is made. These values can add new parameters to the connection string, or can override parameters that had already been specified.

Escalation of privilege

Some database servers allow authentication via an OS user account instead of a username and password. The database connection is authenticated as the user running the application. When this authentication mode is used, any username or password in the connection string are ignored.

If an attacker can force the use of this authentication mode, the connection will be made as the user that the web application is running under. This will often be the LocalSystem or NetworkService account on Windows. Such accounts are often given a high level of privileges on the database server.

Credential theft

If an attacker can change the database server in the connection string, they can have the web application connect to a server that they control. The web application will then authenticate with that server, allowing those credentials to be stolen.

Bypassing data validation

Many web applications implicitly trust data that’s stored in the database. The data is validated before it is stored, so no additional validation is performed when that data is loaded.

If an attacker can change the database server in the connection string, they can have the web application connect to a database server that they control. Invalid data in this database could be passed to other services or systems, or could be used to trigger other bugs and logic flaws in the web application.

Network traffic sniffing

The connection string can control how the connection to the database server is secured. For example, it can control whether connections to Microsoft SQL Server use transport layer security (TLS).

If an attacker can disable these network security measures and they have some way to monitor traffic between the web server and the database server, they will be able to see all information that’s written to and read from the database.

Available In:

Detect issues in your GitHub, Azure DevOps Services, Bitbucket Cloud, GitLab repositories

Analyze code in your
on-premise CI

Developer Edition
Available Since
10.2

In-IDE

SaaS

Self-Hosted