Versions Compared

...

Risk Assessment

Removed: Violations of this rule could be detected automatically but may require substantial redevelopment effort if functions must be revised to accept different parameter types. Noncompliance may lead to concurrency violations that put data integrity at risk and may also result in abnormal program termination.

Added: Violations of this rule have to be manually detected because it is a consequence of the overall design of the password storing mechanism. It is pretty unlikely, since it will occur around once or twice in a program that uses passwords. As demonstrated above, almost all violations of this rule have a clear exploit associated with them.

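| Version | Rule | Severity | Likelihood | Remediation Cost | Priority | Level |
|---|---|---|---|---|---|---|
| Removed | CON40-J | medium | unlikely | medium | P4 | L3 |
| Added | MSC18-C | medium | likely | high | P6 | L2 |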
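
Review bot: the new risk paragraph calls a violation "pretty unlikely", yet the table's Likelihood cell changes from unlikely to likely, alongside Priority P4 to P6 and Level L3 to L2. Make the two agree: either reword the sentence so it supports a likely rating, or keep Likelihood at unlikely and recompute Priority and Level. The new text also relies on "As demonstrated above", so confirm the examples it points to are present in this revision of the rule.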