Description
The user can't get access to the software database but is able to control and modify a primary key of a SQL statement.
Errors of database access control take place when:
1. The data source is untrusted;
2.The data specifies the value of a primary key in a SQL query.
3. The untrusted source isn't alowed to access certain records of database table.
The weakness is introduced during Architecture and Design, Implementation stages.
Latest vulnerabilities for CWE-566
References
Description of CWE-566 on Mitre website