Use of Hard-coded Credentials
| Property | |
|---|---|
| Language | regex |
| Severity |  |
| CWE | CWE-798: Use of Hard-coded Credentials |
| OWASP | A07:2021 - Identification and Authentication Failures |
| Confidence Level | Low |
| Impact Level | Medium |
| Likelihood Level | Low |
Description#
A New Relic Insert Key has been found hard-coded in the source code. Storing sensitive credentials directly in code makes it easy for them to be accidentally exposed or accessed by unauthorized users.
Impact#
If this key is leaked, attackers could send fake or malicious data to your New Relic account, potentially corrupting monitoring data or incurring unexpected costs. This may also lead to broader compromise if attackers leverage the key to gain further insights into your infrastructure or operations.