Use of Hard-coded Credentials
| Property | |
|---|---|
| Language | regex |
| Severity |  |
| CWE | CWE-798: Use of Hard-coded Credentials |
| OWASP | A07:2021 - Identification and Authentication Failures |
| Confidence Level | Low |
| Impact Level | Medium |
| Likelihood Level | Low |
Description#
A Sauce Labs access token appears to be hard-coded or exposed in the codebase. Storing sensitive credentials like this in code makes them easily accessible to anyone with code access.
Impact#
If an attacker obtains this token, they could gain unauthorized access to your Sauce Labs account, potentially running, modifying, or deleting automated tests and data. This could lead to data leaks, service misuse, or disruptions to your CI/CD workflow.