...
Tool | Version | Checker | Description | ||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
CodeSonar | 4.2 | FB.SECURITY.DMI_CONSTANT_DB_PASSWORD FB.SECURITY.DMI_EMPTY_DB_PASSWORD |
| JAVA.HARDCODED.PASSWD | Hardcoded Password (Java) Hardcoded constant database password Empty database password | ||||||
Coverity | 7.5 | HARDCODED_CREDENTIALS | Implemented | ||||||||
Fortify | 1.0 | Password_Management | Partially implemented | ||||||||
Parasoft Jtest |
| SECURITYCERT.WSCMSC03.HCCS SECURITYCERT.WSCMSC03.HCCK SECURITYCERT.WSCMSC03.AHCA | Avoid passing hardcoded usernames/passwords/URLs to database connection methods Avoid using hard-coded cryptographic keys Avoid hard-coding the arguments to certain methods | ||||||||
PMD | 1.0 | AvoidUsingHardCodedIP | Partially implemented | ||||||||
SonarQube |
| S1313 S2068 | Partially implemented |
...