Questions tagged [hardcoded]
The hardcoded tag has no usage guidance.
4
questions
0
votes
0
answers
12
views
what is the alternative of hardcoded secret [duplicate]
I have a class in the code that does some sort of encryption, and to do so there is a hardcoded key in the code. After reviewing the code by a security expert, he raised this as an issue, highliting ...
0
votes
1
answer
568
views
Is having hard-coded API keys such as the SafetyNet API key considered a vulnerability?
I have a scenario where the developers are using SafetyNet API to protect their Android apps. I observed that the SafetyNet API key has been hard-coded within the apk file. This is the first time I ...
6
votes
3
answers
2k
views
Why are there multiple "Hardcoded Password" Entries in CWE instead of single one?
When I looked up hardcoded password vulnerability in software world, I saw there are three kinds of vulnerabilities. These are that:
CWE-798: Use of Hard-coded Credentials
The Hardcoded Creds ...
0
votes
2
answers
145
views
What types of software can have "Hardcoded Password" vulnerability?
When I investigated the Google results, the software vulnerability "Hardcoded Password" (cwe-798 & cwe-259) is a vulnerability for IoT devices' software (see: link1) and thick client ...