SYM_GEN_0101 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Use of Hard-coded Credentials
| Property | Value |
|---|---|
| Language | generic |
| Severity |  |
| CWE | CWE-798: Use of Hard-coded Credentials |
| OWASP | A07:2021 - Identification and Authentication Failures |
| Confidence Level | Low |
| Impact Level | Medium |
| Likelihood Level | Low |
Description
A private key has been found directly in the code. Storing sensitive keys in source files exposes them to anyone with code access and increases the risk of accidental leaks.
Impact
If an attacker obtains this private key, they could impersonate your service, decrypt confidential data, or gain unauthorized access to protected resources. This could lead to data breaches, service compromise, or loss of trust in your application.