Hardcoded_password_in_Connection_String @ /encode.frm #25

@cx-tamar-brenig

Checkmarx (SAST): Hardcoded_password_in_Connection_String
Security Issue: Read More about Hardcoded_password_in_Connection_String
Checkmarx Project: AsafOrgTesting/FlowListenerPublicRepo
Repository URL: https://github.com/AsafOrgTesting/FlowListenerPublicRepo
Branch: main
Scan ID: 2e34543b-886d-4d6e-a92b-ab98a7cee728


The application contains hardcoded connection details, "connection string", at line 67 of /encode.frm. This connection string contains a hardcoded password, which is used in CxMethod_Vb6_encode_d95407b7 at line 67 of /encode.frm to connect to a database server with open. This can expose the database password, and impede proper password management.

Result #1:
Severity: MEDIUM
State: TO_VERIFY
Status: NEW
Attack Vector:

    1. "connection string": /encode.frm[67,11]
    2. open: /encode.frm[67,5]

Review result in Checkmarx One: Hardcoded_password_in_Connection_String
