ASP.NET Misconfiguration: Password in Configuration File


 * 1) REDIRECT ASP.NET Misconfigurations

Last revision (mm/dd/yy): //

Description
The clear-text passwords are in the configuration files. Clear-text passwords in the configuration files are subject to exposure in a variety of ways, including people getting access to the file, the file being served directly to a user due to a server error, a file download flaw, access to a backup copy, or some other exposure.

Risk Factors
TBD

Examples
TBD

Related Attacks

 * Attack 1
 * Attack 2

Related Vulnerabilities

 * Vulnerability 1
 * Vulnerabiltiy 2

Related Controls

 * Control 1
 * Control 2

Related Technical Impacts
TBD
 * Technical Impact 1
 * Technical Impact 2