lcimeni
commented
3 years ago Update: This finding has been marked as ‘Pass’ by Lorenz Cimeni, so no additional action required.
Powered by NowSecure Platform
Open lcimeni opened 3 years ago
lcimeni
commented
3 years ago Update: This finding has been marked as ‘Pass’ by Lorenz Cimeni, so no additional action required.
Powered by NowSecure Platform
lcimeni
commented
3 years ago Update: The risk severity (CVSS score) of this finding has been modified from 3.33 to 3.3333 by Lorenz Cimeni.
Powered by NowSecure Platform
Finding Description
Sensitive data was found to be contained within crypto calls. This finding is to show the presence of data being hashed or encrypted, but does not indicate an issue in using those methods. The table below displays each crypto method used, the data type, the actual value that was recovered, whether this value was recovered in plain text form or a specific encoding, and the data that was found to contain the sensitive value.
Steps to Reproduce
CommonCrypto calls are analyzed to determine if any sensitive data is protected using symmetric encryption, hash-based message authentication codes, and digests.
Risk and Regulatory Information
Severity: info
Application
See more detail in the NowSecure Report