Use of Hard-coded Credentials
| Property | |
|---|---|
| Language | regex |
| Severity |  |
| CWE | CWE-798: Use of Hard-coded Credentials |
| OWASP | A07:2021 - Identification and Authentication Failures |
| Confidence Level | Low |
| Impact Level | Medium |
| Likelihood Level | Low |
Description#
A DigitalOcean refresh token (a type of secret credential) is hard-coded directly into the source code. Storing credentials in code makes them easily accessible to anyone with code access, increasing the risk of accidental leaks.
Impact#
If a hard-coded refresh token is exposed, attackers could use it to gain unauthorized access to your DigitalOcean account, potentially allowing them to view, modify, or delete resources. This can lead to data breaches, resource compromise, and financial loss.