[Cx] Medium - Use_Of_Hardcoded_Password
github-actions opened this issue · comments
Medium - Use_Of_Hardcoded_Password
0 Node - 35 - "cxPassword"
checkmarx-github-action/src/cxsast.js
Lines 34 to 36 in c4a98d5
1 Node - 35 - getInput
checkmarx-github-action/src/cxsast.js
Lines 34 to 36 in c4a98d5
2 Node - 35 - cxPassword
checkmarx-github-action/src/cxsast.js
Lines 34 to 36 in c4a98d5
3 Node - 77 - cxPassword
checkmarx-github-action/src/cxsast.js
Lines 76 to 78 in c4a98d5
4 Node - 77 - trim
checkmarx-github-action/src/cxsast.js
Lines 76 to 78 in c4a98d5
5 Node - 77 - password
checkmarx-github-action/src/cxsast.js
Lines 76 to 78 in c4a98d5
6 Node - 259 - password
checkmarx-github-action/src/cxsast.js
Lines 258 to 260 in c4a98d5
Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:52:12 PM]: Changed severity to Medium
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:52:01 PM]: Changed status to Proposed Not Exploitable
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:51:59 PM]: Changed status to Urgent
Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA
Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000031
LOC: 4601
Files Scanned: 10
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000031&projectid=6
Scan Comment: git master@c4a98d5c2079eaae3334ce25f08f89e073c14cb7
Scan Type: 00h:01m:04s
Scan Start Date: Tue Jun 09 2020 20:23:34 GMT+0000 (Coordinated Universal Time)
Scan Time: 00h:01m:04s
Source Origin: LocalPath
Visibility: Public
Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0000 (Coordinated Universal Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 1559227974
Path ID: 4
Result ID: 1000031
Result State: 4
Result Severity: Medium
Result Status: Recurrent
Result Assignee:
Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html