Non-encrypted confidential information - Keys
Description
Confidential information is stored in plain text allowing an attacker to view it without any encryption.
Impact
Obtain sensitive information that can compromise system resources.
Recommendation
Encrypt all sensitive information that is transported or stored within the application according to the organizations policies.
Threat
Attacker with access to source code from the Internet.
Expected Remediation Time
⏱️ 30 minutes.