Severity Framework
Snyk CCSS
Rule category
Keys and Secrets / Data
Is your enviroment affected by this misconfiguration?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsFrameworks
CIS-Controls
- Snyk ID SNYK-CC-00475
- credit Snyk Research Team
Description
The secret value will be readable to anyone with access to VCS, which can lead to unauthorized data disclosure or privilege escalation.
How to fix?
Remove secret value from configuration.