Information Leakage / Exposure of Sensitive Data in Git Repository
Description
Exposure of sensitive data in a Git repository is an information leakage vulnerability (CWE-200). It occurs when sensitive data is accidentally committed and pushed to a public Git repository, where anyone can access it. The vulnerability affects both Infrastructure and Web and API. According to the OWASP Testing Guide, this type of vulnerability can be found in web applications or web services that allow users to store data in a version control system such as Git.
Risk
Exposure of sensitive data in a Git repository can have serious consequences: data breaches, identity theft, financial losses, and reputational damage. Organizations should assess the risk of this vulnerability and take steps to address it.
Solution
To prevent exposure of sensitive data in a Git repository, organizations should ensure that sensitive data is never committed and pushed to a public Git repository. This includes implementing processes and procedures that keep sensitive data from being inadvertently committed and pushed. Additionally, organizations should ensure that access to the Git repository is restricted to authorized personnel only.