Home

Hard coded UserId / Password

  • Vulnerability
  • Critical

Rule description

  • Hard coded UserId / Password

 

Non-compliant Code Example 

DBParm="ConnectString = 'DSN=Sales;UID=dba@123;PWD=sql1$12'" // The password is hard coded
SQLCA lnv_SQLCA
lnv_SQLCA = Create SQLCA
lnv_SQLCA.DBParm="ConnectString = 'DSN=Sales;UID=dba;PWD=sql'" // The password is hard coded

Compliant Code Example

DBParm="ConnectString = 'DSN=Sales;UID=" + txtuserId.Text + ";PWD=" + txtPassword.Text + "'"
Visual Expert 2020
 VEPBRULE4