Use of Hard-coded Credentials
| Property | |
|---|---|
| Language | regex |
| Severity |  |
| CWE | CWE-798: Use of Hard-coded Credentials |
| OWASP | A07:2021 - Identification and Authentication Failures |
| Confidence Level | Low |
| Impact Level | Medium |
| Likelihood Level | Low |
Description#
Hard-coded Yandex AWS access tokens were found in the source code. Storing credentials directly in code makes them easy to accidentally expose in version control or code sharing.
Impact#
If attackers obtain these hard-coded tokens, they could gain unauthorized access to your Yandex AWS resources, potentially leading to data breaches, resource manipulation, or service disruption. This can compromise sensitive information and put your infrastructure at risk.