From 95e467fdac4f6be0ed7ad0dd8b4dd182dcdc3d49 Mon Sep 17 00:00:00 2001 From: Egon Okerman Date: Thu, 14 Sep 2023 18:15:18 +0200 Subject: [PATCH] Apply review suggestion wrt impact --- rules/S6751/secrets/rule.adoc | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/rules/S6751/secrets/rule.adoc b/rules/S6751/secrets/rule.adoc index 22709ab2e40..1559fc42c21 100644 --- a/rules/S6751/secrets/rule.adoc +++ b/rules/S6751/secrets/rule.adoc @@ -6,7 +6,9 @@ include::../../../shared_content/secrets/rationale.adoc[] === What is the potential impact? -The exact impact of the compromise of a PyPI API token varies depending on the permissions granted to this token. It can range from loss of sensitive data and source code to severe supply chain attacks. +The exact consequences of a PyPI API token compromise can vary depending on the scope of the affected token. Depending on this factor, the attacker might get access to the full account the token is bound to or only to a project belonging to that user. + +In any case, such a compromise can lead to source code leaks, data leaks and even serious supply chain attacks. In general, a reputational loss is also a common threat. include::../../../shared_content/secrets/impact/source_code_compromise.adoc[]
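Review bot: in the `What is the potential impact?` hunk, the new sentence "the attacker might get access to the full account the token is bound to" overstates what an account-scoped PyPI API token grants. PyPI API tokens are upload-only credentials, so an account-scoped token lets the attacker publish releases to every project the account can upload to; it does not let them log in to or administer the account. Suggested wording: "Depending on this factor, the attacker might be able to upload releases to every project the account can publish to, or only to a single project." For the same reason, "source code leaks" does not follow directly from the token itself (an upload token reads nothing); if that sentence is meant to lean on the included `source_code_compromise.adoc`, consider leading with the supply chain angle (malicious or backdoored releases) and keeping the leak wording to the shared content. Finally, "In general, a reputational loss is also a common threat." reads awkwardly: reputational loss is a consequence rather than a threat, and "In general" adds nothing; "Reputational damage is also a common consequence." is tighter.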