Burp Community

See what our users are saying about Burp Suite:

How do I?	New Post	View All
Feature Requests	New Post	View All
Burp Extensions	New Post	View All
Bug Reports	New Post	View All

Support Center
Issue Definitions
Private key disclosed

Private key disclosed

Description: Private key disclosed

Disclosure of valid private keys may lead to unauthorized access to any systems that use them for authentication. Verify whether any keys disclosed are actually valid, and whether their disclosure within the application is appropriate.

References

Web Security Academy: Information disclosure

Vulnerability classifications

CWE-200: Information Exposure
CWE-388: Error Handling
CAPEC-37: Retrieve Embedded Sensitive Data
CAPEC-204: Lifting Sensitive Data Embedded in Cache

Typical severity

Information

Type index (hex)

0x00600550

Type index (decimal)

6292816

Burp Scanner

This issue - and many more like it - can be found using our web vulnerability scanner

Get Burp

Scan your web application from just $449.00

Find out more