...
Leaving extra entry points into production code could allow an attacker to gain special access to the program.
Rule | Severity | Likelihood | Detectable | RepairableRemediation Cost | Priority | Level |
|---|---|---|---|---|---|---|
ENV06-J | High | Probable | No | LowNo | P18P6 | L1L2 |
Automated Detection
This rule is not amenable to automated static analysis.
| Tool | Version | Checker | Description | ||||||
|---|---|---|---|---|---|---|---|---|---|
| CodeSonar |
| JAVA.DEBUG.CEDF | Class enables debug features | ||||||
| Klocwork |
| JAVA.DEBUG.ENTRY | |||||||
| SonarQube |
| S2653 | Detects main in Servlets and EJBs |
...