Use of Hard-coded Credentials
| Property | |
|---|---|
| Language | regex |
| Severity |  |
| CWE | CWE-798: Use of Hard-coded Credentials |
| OWASP | A07:2021 - Identification and Authentication Failures |
| Confidence Level | Low |
| Impact Level | Medium |
| Likelihood Level | Low |
Description#
The use of ‘sshpass’ with a hard-coded SSH password exposes sensitive credentials directly in scripts or command lines. This practice makes the password easily accessible to anyone with access to the code or system process list.
Impact#
If an attacker obtains the hard-coded SSH password, they could gain unauthorized access to remote systems, potentially leading to data breaches, system compromise, or lateral movement within your infrastructure. This undermines the security of your authentication process and can result in significant organizational risk.