Use of Hard-coded Cryptographic Key
| Property | |
|---|---|
| Language | apex |
| Severity |  |
| CWE | CWE-321: Use of Hard-coded Cryptographic Key |
| OWASP | A02:2021 - Cryptographic Failures |
| Confidence Level | Low |
| Impact Level | High |
| Likelihood Level | Low |
Description#
The rule makes sure you are using randomly generated IVs and keys for Crypto calls. Hard-coding these values greatly compromises the security of encrypted data.