CodeAnt AI home page

Support
Dashboard
Dashboard

Join Community

Start Here

What is CodeAnt?

Setup

Github
Bitbucket
Gitlab
Azure Devops

Pull Request Review

Features
Customize Review
Quality Gates
Integrations

Scan center

Code Security
Code Quality
Cloud Security
Engineering Productivity

Integrations

Jira
Test Coverage
CI/CD

IDE

Setup
Review
Enhancements

Rule Reference

Compliance
Anti-Patterns
Code Governance
Infrastructure Security Database
Application Security Database
- Apex
- Bash
- C
- Clojure
- Cpp
- Csharp
- Dockerfile
- Elixir
- Fingerprints
- Generic
- Go
- Html
- Java
  - Android
  - Aws-lambda
  - Castor
  - Java-jwt
  - Jax-rs
  - Jboss
  - Jdo
    - Datanucleus
    - Javax
      - Secrets
        Hardcoded-connection-password
        Hardcoded connection password
  - Jedis
  - Jjwt
  - Jsch
  - Kryo
  - Lang
  - Micronaut
  - Mongo
  - Mongodb
  - Mysql
  - Okhttp
  - Rmi
  - Servlets
  - Spring
  - Thymeleaf
  - Xstream
- Javascript
- Json
- Kotlin
- Ocaml
- Php
- Problem-based-packs
- Python
- Ruby
- Rust
- Scala
- Solidity
- Swift
- Terraform
- Typescript
- Yaml

Resources

Open Source
Blogs

Hardcoded-connection-password

Hardcoded connection password

hardcoded-connection-password

A secret is hard-coded in the application. Secrets stored in source code, such as credentials, identifiers, and other types of sensitive data, can be leaked and used by internal or external malicious actors. Use environment variables to securely provide credentials and other secrets or retrieve them from a secure vault or Hardware Security Module (HSM).
Likelihood: HIGH
Confidence: HIGH
CWE:
- CWE-798: Use of Hard-coded Credentials
OWASP:
- A07:2021 - Identification and Authentication Failures

Hardcoded connection password Jedis auth hardcoded secret

twitter linkedin

Powered by Mintlify

Assistant

Responses are generated using AI and may contain mistakes.