Statements (27)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
gptkb:Common_Weakness_Enumeration
|
| gptkbp:category |
Software Security Weakness
|
| gptkbp:consequence |
gptkb:Privilege_Escalation
gptkb:Authentication_Bypass Information Disclosure |
| gptkbp:describedBy |
gptkb:MITRE_CWE
|
| gptkbp:describes |
The software uses hard-coded credentials, such as a password or cryptographic key, which can compromise system security.
|
| gptkbp:example |
Hard-coded cryptographic key in firmware
Hard-coded password in source code |
| gptkbp:externalLink |
https://cwe.mitre.org/data/definitions/798.html
|
| gptkbp:foundIn |
Embedded Systems
IoT Devices Software Applications |
| gptkbp:maintainedBy |
gptkb:MITRE_Corporation
|
| gptkbp:mitigatedBy |
Do not hard-code credentials in source code.
Use secure storage mechanisms for credentials. |
| gptkbp:name |
Use of Hard-coded Credentials
|
| gptkbp:partOf |
gptkb:CWE_Top_25_Most_Dangerous_Software_Weaknesses
|
| gptkbp:relatedTo |
gptkb:CWE-522
CWE-259 CWE-321 |
| gptkbp:status |
Active
|
| gptkbp:vulnerableTo |
798
|
| gptkbp:weakness |
gptkb:Base
|
| gptkbp:bfsParent |
gptkb:CWE
|
| gptkbp:bfsLayer |
7
|
| https://www.w3.org/2000/01/rdf-schema#label |
CWE-798
|