SYM_GEN_0086 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Use of Hard-coded Credentials
| Property | Value |
|---|---|
| Language | regex |
| Severity |  |
| CWE | CWE-798: Use of Hard-coded Credentials |
| OWASP | A07:2021 - Identification and Authentication Failures |
| Confidence Level | Low |
| Impact Level | Medium |
| Likelihood Level | Low |
Description
Sensitive Google Cloud service account credentials have been detected in your codebase. Exposing these credentials allows unauthorized access to your Google Cloud resources.
Impact
If attackers obtain these credentials, they can access, modify, or delete cloud resources and data, potentially resulting in data breaches, service disruption, or unauthorized charges to your cloud account.