Home

Hard coded UserId / Password

  • Vulnerability
  • Critical

Rule description

  • Hard coded UserId / Password

 

Non-compliant Code Example 

DBParm="ConnectString = 'DSN=Sales;UID=dba@123;PWD=sql1$12'" //Non compliant code (The password is hard coded)
SQLCA lnv_SQLCA
lnv_SQLCA = Create SQLCA
lnv_SQLCA.DBParm="ConnectString = 'DSN=Sales;UID=dba;PWD=sql'" //Non compliant code (The password is hard coded)

Compliant Code Example

DBParm="ConnectString = 'DSN=Sales;UID=" + txtuserId.Text + ";PWD=" + txtPassword.Text + "'"//Compliant code
Visual Expert 2020
 VEPBRULE4