Documentation Index
Fetch the complete documentation index at: https://docs.codeant.ai/llms.txt
Use this file to discover all available pages before exploring further.
pg-empty-password
pg-empty-password
The application uses an empty credential. This can lead to unauthorized access by either an internal or external malicious actor. It is recommended to rotate the secret and retrieve them from a secure secret vault or Hardware Security Module (HSM), alternatively environment variables can be used if allowed by your company policy.
Likelihood: MEDIUM
Confidence: HIGH
CWE:
- CWE-287: Improper Authentication
OWASP:
- A02:2017 - Broken Authentication
- A07:2021 - Identification and Authentication Failures
Likelihood: MEDIUM
Confidence: HIGH
CWE:
- CWE-287: Improper Authentication
OWASP:
- A02:2017 - Broken Authentication
- A07:2021 - Identification and Authentication Failures