> ## Documentation Index
> Fetch the complete documentation index at: https://docs.codeant.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Python pymongo empty password

<AccordionGroup>
  <Accordion title="python-pymongo-empty-password">
    The application creates a database connection with an empty password. This can lead to unauthorized access by either an internal or external malicious actor. To prevent this vulnerability, enforce authentication when connecting to a database by using environment variables to securely provide credentials or retrieving them from a secure vault or HSM (Hardware Security Module).<br />**Likelihood**: LOW<br />**Confidence**: HIGH<br />**CWE**: <br />- CWE-287: Improper Authentication
    <br />**OWASP**: <br />- A07:2021 - Identification and Authentication Failures
  </Accordion>
</AccordionGroup>