[Cx] Medium - Use_Of_Hardcoded_Password
miguelfreitas93 opened this issue · comments
Medium - Use_Of_Hardcoded_Password
0 Node - Line 36 - "cxPassword"
checkmarx-github-action/src/cxsast.js
Lines 35 to 37
in
7873b79
checkmarx-github-action/src/cxsast.js
Lines 35 to 37 in 7873b79
1 Node - Line 36 - getInput
checkmarx-github-action/src/cxsast.js
Lines 35 to 37
in
7873b79
checkmarx-github-action/src/cxsast.js
Lines 35 to 37 in 7873b79
2 Node - Line 36 - cxPassword
checkmarx-github-action/src/cxsast.js
Lines 35 to 37
in
7873b79
checkmarx-github-action/src/cxsast.js
Lines 35 to 37 in 7873b79
3 Node - Line 78 - cxPassword
checkmarx-github-action/src/cxsast.js
Lines 77 to 79
in
7873b79
checkmarx-github-action/src/cxsast.js
Lines 77 to 79 in 7873b79
4 Node - Line 78 - trim
checkmarx-github-action/src/cxsast.js
Lines 77 to 79
in
7873b79
checkmarx-github-action/src/cxsast.js
Lines 77 to 79 in 7873b79
5 Node - Line 78 - password
checkmarx-github-action/src/cxsast.js
Lines 77 to 79
in
7873b79
checkmarx-github-action/src/cxsast.js
Lines 77 to 79 in 7873b79
6 Node - Line 260 - password
checkmarx-github-action/src/cxsast.js
Lines 259 to 261
in
7873b79
checkmarx-github-action/src/cxsast.js
Lines 259 to 261 in 7873b79
Comments
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:52:12 PM]: Changed severity to Medium
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:52:01 PM]: Changed status to Proposed Not Exploitable
Miguel Freitas checkmarx-github-action-master, [Monday, June 8, 2020 9:51:59 PM]: Changed status to Urgent
Project Details
Checkmarx Version: 9.0.0.40085 HF1
Project ID: 6
Project Name: checkmarx-github-action-master
Preset: Checkmarx Default
Owner: miguel
Team: CxServer\SP\EMEA
Scan Details
Initiator Name: Miguel Freitas
Scan ID: 1000039
LOC: 4642
Files Scanned: 10
Scan Type: Full
Scan URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ViewerMain.aspx?scanid=1000039&projectid=6
Scan Comment: git master@7873b79400662eb591cf013e49150cc3df417edb
Scan Type: 00h:01m:16s
Scan Start Date: Tue Jun 09 2020 23:58:09 GMT+0100 (British Summer Time)
Scan Time: 00h:01m:16s
Source Origin: LocalPath
Visibility: Public
Result Details
Query ID: 3933
Query Path: JavaScript\Cx\JavaScript Server Side Vulnerabilities\Use Of Hardcoded Password Version:1
Query Group: JavaScript_Server_Side_Vulnerabilities
Query Name: Use_Of_Hardcoded_Password
Query Language: JavaScript
Query Language Hash: 0935562945055365
Query Language Change Date: Tue May 19 2020 00:00:00 GMT+0100 (British Summer Time)
Query Version Code: 97095146
Query Severity: Low
Query Severity Index: 1
Similarity ID: 1559227974
Path ID: 4
Result ID: 1000039
Result State: 4
Result Severity: Medium
Result Status: Recurrent
Result Assignee:
Mitigation Details
Checkmarx Recommendations URL: https://cxprivatecloud.checkmarx.net/CxWebClient/ScanQueryDescription.aspx?queryID=3933&queryVersionCode=97095146&queryTitle=Use_Of_Hardcoded_Password
CWE ID: 259
CWE URL: https://cwe.mitre.org/data/definitions/259.html