Skip to content

Commit cfcb06c

Browse files
authored
Merge pull request #8035 from tamasvajk/feature/hardcoded-cred-medium-prec
C#: Downgrade hardcoded credentials queries to medium precision
2 parents c48e496 + 0c667fa commit cfcb06c

File tree

3 files changed

+7
-2
lines changed

3 files changed

+7
-2
lines changed

csharp/ql/src/Security Features/CWE-798/HardcodedConnectionString.ql

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,7 @@
44
* @kind path-problem
55
* @problem.severity error
66
* @security-severity 9.8
7-
* @precision high
7+
* @precision medium
88
* @id cs/hardcoded-connection-string-credentials
99
* @tags security
1010
* external/cwe/cwe-259

csharp/ql/src/Security Features/CWE-798/HardcodedCredentials.ql

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,7 @@
44
* @kind path-problem
55
* @problem.severity error
66
* @security-severity 9.8
7-
* @precision high
7+
* @precision medium
88
* @id cs/hardcoded-credentials
99
* @tags security
1010
* external/cwe/cwe-259
Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,5 @@
1+
---
2+
category: queryMetadata
3+
---
4+
The precision of hardcoded credentials queries (`cs/hardcoded-credentials` and
5+
`cs/hardcoded-connection-string-credentials`) have been downgraded to medium.

0 commit comments

Comments
 (0)