SYM_GEN_0277 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
Use of Hard-coded Credentials

| Property | Value |
|---|---|
| Language | regex |
| Severity | |
| CWE | CWE-798: Use of Hard-coded Credentials |
| OWASP | A07:2021 - Identification and Authentication Failures |
| Confidence Level | Low |
| Impact Level | Medium |
| Likelihood Level | Low |

Description
An Okta access token was found hard-coded in the source code. Storing credentials directly in code exposes sensitive information to anyone with code access and increases the risk of accidental leaks.
Impact
If attackers obtain this token, they could gain unauthorized access to Okta-protected resources or user accounts, leading to data breaches, privilege escalation, or compromise of organizational systems.