tsunez
commented
3 years ago Issue still exists.
SUMMARY
Issue has 1 vulnerability/vulnerabilities left to be fixed (Please scroll to the top for more information)
Open tsunez opened 3 years ago
tsunez
commented
3 years ago Issue still exists.
Issue has 1 vulnerability/vulnerabilities left to be fixed (Please scroll to the top for more information)
tsunez
commented
3 years ago Issue still exists.
Issue has 1 vulnerability/vulnerabilities left to be fixed (Please scroll to the top for more information)
Empty_Password issue exists @ iGoat-Swift/iGoat-Swift/Source/Exercises/InsecureLocalDataStorage/CoreData/KeychainUsage/KeychainDumper.swift in branch master
The application uses the empty password passwordInGenp for authentication purposes, either using it to verify users' identities, or to access another remote system. This empty password is set at line 9 of iGoat-Swift\iGoat-Swift\Source\Exercises\InsecureLocalDataStorage\CoreData\KeychainUsage\KeychainDumper.swift appears in the code, cannot be changed without rebuilding the application and indicates its associated account is exposed.
Severity: Low
CWE:521
Vulnerability details and guidance
Checkmarx
Recommended Fix
Lines: 9
Code (Line #9):