Description
Checkmarx (SAST): Use_Of_Hardcoded_Password
Security Issue: Read More about Use_Of_Hardcoded_Password
Checkmarx Project: cx-boris-goman/borJavaVul
Repository URL: https://github.com/cx-boris-goman/borJavaVul
Branch: main
Scan ID: df63710a-c9c2-4406-9ad7-319bd05458a4
The application uses the hard-coded password "notsafe!" for authentication purposes, either using it to verify users' identities, or to access another remote system. This password at line 13 of /ReturnSevered1.bas appears in the code, implying it is accessible to anyone with source code access, and cannot be changed without rebuilding the application.
Result 1:
Severity: MEDIUM
State: TO_VERIFY
Status: RECURRENT
Attack Vector:
1. "notsafe!": /ReturnSevered1.bas[13,22]
Review result in Checkmarx One: Use_Of_Hardcoded_Password