Home / Vulnerability Database / Scala : Undocumented feature: special account
Scala
Scala : Undocumented feature: special account
Classification
Overview
The application compares the value of the variable which stores the authentication data with a hardcoded value. This special account may be a part of a backdoor.
The application developer could have used a special account (possibly with elevated privileges) for debugging and he/she left the corresponding code sections in the final version, thus, retaining the access to the application functionality. An attacker can decompile the application, extract the hardcoded strings which specify the special account, and get access to the application.
Constant parameters (logins, passwords, keys) must not be stored in the source code of the application.
MEDIUM
DerScanner Severity Score
Do you want to fix Scala : Undocumented feature: special account in your application?
See also
Scala
Scala : Unreleased resource stream
Scala
Scala : Multiple loggers in same class
Scala