Open tsunez opened 4 years ago
Issue still exists.
Issue has 1 vulnerability/vulnerabilities left to be fixed (Please scroll to the top for more information)
Issue still exists.
Issue has 1 vulnerability/vulnerabilities left to be fixed (Please scroll to the top for more information)
Use_of_Hardcoded_Password issue exists @ iGoat-Swift/iGoat-Swift/Source/Exercises/Key Management/Hard Coded Keys/BrokenCryptographyExerciseVC.swift in branch master
The application uses a single, hard-coded password password for authentication purposes, either using it to verify users' identities, or to access another remote system. This password at line 30 of iGoat-Swift\iGoat-Swift\Source\Exercises\Key Management\Hard Coded Keys\BrokenCryptographyExerciseVC.swift appears in the code as plaintext, and cannot be changed without rebuilding the application.
Severity: Low
CWE:259
Vulnerability details and guidance
Checkmarx
Recommended Fix
Lines: [32](https://github.com/Custodela/iGoat-Swift/blob/master/iGoat-Swift/iGoat-Swift/Source/Exercises/Key Management/Hard Coded Keys/BrokenCryptographyExerciseVC.swift#L32)
[Code (Line #32):](https://github.com/Custodela/iGoat-Swift/blob/master/iGoat-Swift/iGoat-Swift/Source/Exercises/Key Management/Hard Coded Keys/BrokenCryptographyExerciseVC.swift#L32)