icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Database Connection Configuration Information Disclosure

Medium

Synopsis

The remote web application server may be prone to a policy violation.

Description

PVS has just noted a web transaction that included database connection information. This includes database name, user ID, password and more.

Solution

Ensure that such information is not stored or sent in plaintext. Note: PVS only reports on the first occurence of this item on a web server. Parse your entire web source for similar occurrences.