Fork me on GitHub

Build and Deployment -> Deployment: Handover of confidential parameters

Risk and Opportunity

Risk: Attackers who compromise a system can see confidential access information like database credentials. Parameters are often used to set credentials, for example by starting containers or applications. These parameters can often be seen by any one listing running processes on the target system.
Opportunity: By using encryption, it is harder to read credentials , e.g. from the file system. Also, the usage of a credential management system can help protect credentials.

Exploit details

Usefullness: High
Required knowledge: Low (one discipline)
Required time: Low
Required resources (systems): Very Low

Additional Information

Dependencies: Environment depending configuration parameters
OWASP SAMM 1 Mapping: SA2-A
OWASP SAMM 2 Mapping: i-secure-deployment|B|2 TODO might be 1