Insufficiently Protected Credentials
| Property | |
|---|---|
| Language |  |
| Severity |  |
| CWE | CWE-522: Insufficiently Protected Credentials |
| OWASP | A02:2017 - Broken Authentication |
| Confidence Level | Medium |
| Impact Level | Medium |
| Likelihood Level | Medium |
Description#
Database passwords are hardcoded directly in Terraform source files for AWS RDS resources. This exposes sensitive credentials in version control and to anyone with access to the codebase.
Impact#
If attackers or unauthorized users access the source code, they can obtain database credentials, potentially leading to unauthorized data access, data breaches, or service disruption. This compromises the security of your database and may violate compliance requirements.