S-002 - Web Application Exploitation Leading to Database Access
Purpose
Model how exploitation of a web application vulnerability could lead to unauthorized access to backend data.
Target Asset / Capability
Threat Source
- External attacker
Scenario Description
An attacker exploits a vulnerability in the Dolibarr application to access or manipulate the underlying database.
Attack / Failure Path
- Attacker identifies exposed Dolibarr instance
- Probes for vulnerabilities (e.g. injection, RCE, auth bypass)
- Exploits vulnerability to execute queries or code
- Accesses or extracts database content
- Potentially escalates privileges
Exposure Conditions
- Public exposure of the application
- Lack of WAF or filtering
- Potentially outdated components
- Weak input validation
Potential Impacts
- Data exfiltration (client, financial data)
- Data alteration or deletion
- Full application compromise
Existing Safeguards
- Database not directly exposed
- Restricted SSH access
- Application authentication mechanisms
Residual Concerns
- No WAF
- No centralized monitoring
- Application and database co-hosted
Related Risk Entry
Owner / Review Role
- Security Role (Sec)