SYM_GEN_0205 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Use of Hard-coded Credentials
| Property | Value |
|---|---|
| Language | regex |
| Severity |  |
| CWE | CWE-798: Use of Hard-coded Credentials |
| OWASP | A07:2021 - Identification and Authentication Failures |
| Confidence Level | Low |
| Impact Level | Medium |
| Likelihood Level | Low |
Description
A Datadog access token has been found hard-coded in the source code. Storing sensitive credentials directly in code exposes them to anyone with code access, increasing the risk of unauthorized use.
Impact
If leaked, attackers could use the Datadog token to access monitoring data, manipulate dashboards, or disrupt logging infrastructure. This could lead to exposure of sensitive operational information, service disruptions, or unauthorized changes to monitoring settings.