Security Test: Exposed SQL Dumps
Description
Default Severity:
Exposed SQL Dumps occur when a MySQL dump file containing sensitive data is left accessible, usually because backup files aren't properly secured or removed from public servers. These dumps often contain everything from database schemas to user credentials, which gives attackers all they need for data breaches or further intrusions. Developers often leave these files accessible after testing or backup processes, not realizing that a single overlooked file can lead to significant financial and reputational damage if exploited.
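A local audit for the condition described above, as an added example that is not part of this scanner or its documentation: it walks a web root on disk and flags files that look like SQL dumps by content or by name. The function names, the marker list, the extension list and the sample tree are assumptions constructed for illustration.

```python
import gzip
import os
import tempfile

# Assumed markers: strings dump tools commonly write near the top of a dump.
DUMP_MARKERS = (b"-- MySQL dump", b"CREATE TABLE", b"INSERT INTO", b"DROP TABLE IF EXISTS")
# Assumed naming conventions for leftover backups.
SUSPECT_EXTENSIONS = (".sql", ".sql.gz", ".dump")

def read_head(path, size=4096):
    """Return the first bytes of a file, transparently decompressing gzip."""
    with open(path, "rb") as fh:
        magic = fh.read(2)
    opener = gzip.open if magic == b"\x1f\x8b" else open
    try:
        with opener(path, "rb") as fh:
            return fh.read(size)
    except (OSError, EOFError):
        return b""  # unreadable or truncated archive: fall back to the name check

def find_sql_dumps(webroot):
    """Return sorted (relative_path, reason) pairs for files that look like SQL dumps."""
    findings = []
    for dirpath, _dirs, files in os.walk(webroot):
        for name in files:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, webroot)
            if any(marker in read_head(path) for marker in DUMP_MARKERS):
                findings.append((rel, "content"))  # catches renamed or compressed dumps
            elif name.lower().endswith(SUSPECT_EXTENSIONS):
                findings.append((rel, "extension"))
    return sorted(findings)

def build_sample_webroot():
    """Constructed sample tree: a plain dump, a gzipped dump with a harmless name,
    an empty .sql file and an ordinary page."""
    root = tempfile.mkdtemp(prefix="webroot-")
    dump = b"-- MySQL dump 10.13\nCREATE TABLE users (id INT, email VARCHAR(255));\n"
    os.mkdir(os.path.join(root, "static"))
    samples = {"backup.sql": dump, "empty.sql": b"", "index.html": b"<html></html>",
               os.path.join("static", "old.txt.gz"): gzip.compress(dump)}
    for rel, data in samples.items():
        with open(os.path.join(root, rel), "wb") as fh:
            fh.write(data)
    return root

if __name__ == "__main__":
    for rel, reason in find_sql_dumps(build_sample_webroot()):
        print(f"{reason:9} {rel}")
```

Matching on content as well as on extension is what catches the gzipped dump stored under an unrelated name.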
Configuration
Identifier:
information_disclosure/exposed_sql_dumps
Examples
All configuration available:
Compliance and Standards
Standard | Value |
---|---|
OWASP API Top 10 | API8:2023 |
OWASP LLM Top 10 | LLM06:2023 |
PCI DSS | 6.5.1 |
GDPR | Article-32 |
SOC2 | CC6 |
PSD2 | Article-95 |
ISO 27001 | A.12.6 |
NIST | SP800-92 |
FedRAMP | AC-22 |
CWE | 200 |
CVSS Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
CVSS Score | 3.0 |