ABSTRACT

Logging too much information about SQL queries can leak system information or compromise private user data.

EXPLANATION

SQL queries should not be logged in production systems. SQL queries often contain sensitive information, such as credit card details or social security numbers, and logging this information in plain text can compromise its confidentiality.

Example 1: The following entries from the log4j.properties file cause all queries to be logged at the info level.


...
log4j.logger.net.sf.hibernate.type=info
log4j.logger.net.sf.hibernate.tool.hbm2ddl=info
...
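The fragment below is an added example, not configuration from the original page or from the Hibernate or log4j projects. It shows a log4j.properties file for a production deployment in which the Hibernate query and parameter-binding categories are pinned to warn, so that neither the statement text nor the bound values reach the log. The appender name "prod", the log file path, and the pattern layout are assumptions chosen for the example; the logger names are the Hibernate 2.x ones used on this page (Hibernate 3 and later use org.hibernate.* for the same categories). Comments must sit on their own lines, because java.util.Properties treats a trailing "#" as part of the value.

```properties
# Added example (not from the original page): production log4j.properties.

# Root logger: only warnings and errors reach the production appender.
log4j.rootLogger=warn, prod

# Assumed appender definition for the example.
log4j.appender.prod=org.apache.log4j.RollingFileAppender
log4j.appender.prod.File=/var/log/app/app.log
log4j.appender.prod.MaxFileSize=10MB
log4j.appender.prod.MaxBackupIndex=5
log4j.appender.prod.layout=org.apache.log4j.PatternLayout
log4j.appender.prod.layout.ConversionPattern=%d %-5p [%c] %m%n

# Weak (the page's Example 1, kept here commented out for comparison):
# these levels put query detail into the log in plain text.
#log4j.logger.net.sf.hibernate.type=info
#log4j.logger.net.sf.hibernate.tool.hbm2ddl=info

# Hardened: set the query-related categories explicitly rather than
# relying on the root level, so a permissive root level configured
# elsewhere cannot re-enable them.
# net.sf.hibernate.SQL  - SQL statement text
# net.sf.hibernate.type - JDBC parameter binding (bound values)
# net.sf.hibernate.tool.hbm2ddl - schema DDL
log4j.logger.net.sf.hibernate.SQL=warn
log4j.logger.net.sf.hibernate.type=warn
log4j.logger.net.sf.hibernate.tool.hbm2ddl=warn
```

Two checks go with this configuration: confirm that no other log4j file on the classpath (a bundled log4j.xml, for instance) overrides these categories, and confirm that hibernate.show_sql is not set to true in the Hibernate configuration, since that option writes statements to standard output independently of log4j.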

REFERENCES

[1] Standards Mapping - OWASP Top 10 2007 - (OWASP 2007) A6 Information Leakage and Improper Error Handling

[2] Standards Mapping - Security Technical Implementation Guide Version 3 - (STIG 3) APP3620 CAT II

[3] Standards Mapping - FIPS200 - (FISMA) AU

[4] Standards Mapping - Common Weakness Enumeration - (CWE) CWE ID 497

[5] Red Hat Middleware, LLC Hibernate Reference Documentation

[6] Standards Mapping - Web Application Security Consortium 24 + 2 - (WASC 24 + 2) Information Leakage

[7] Standards Mapping - Payment Card Industry Data Security Standard Version 1.1 - (PCI 1.1) Requirement 3.4

[8] Standards Mapping - Payment Card Industry Data Security Standard Version 2.0 - (PCI 2.0) Requirement 3.4, Requirement 6.5.5

[9] Standards Mapping - Payment Card Industry Data Security Standard Version 1.2 - (PCI 1.2) Requirement 3.4, Requirement 6.5.6