Config Files Plaintext Certificate Storage
Description
Detects exposed PEM certificate files that contain sensitive cryptographic material in plaintext. These exposed certificates could be used by attackers to compromise secure communications or impersonate legitimate services if private keys are included.
Detection Strategy
• File contains text that matches standard PEM certificate format headers (e.g. '-----BEGIN CERTIFICATE-----')
• Certificate content is stored in plaintext within the scanned file
• File is directly readable/accessible rather than being stored in a secure credential store
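Added example (not code from Fluid Attacks' page or scanner): a minimal Node.js check that applies the three criteria above to a file's contents and separates a public certificate from an unencrypted private key, which is the case that matters most. The config text and the base64 bodies in it are constructed placeholders, not real keys.

```javascript
// Added example: find PEM headers in text, classify each block, and report
// whether a private key sits in the file unencrypted.
const PEM_BLOCK = /-----BEGIN ([A-Z0-9 ]+)-----\r?\n([\s\S]*?)-----END \1-----/g;

// PEM labels that carry secret material. A bare CERTIFICATE is public data
// and is reported at low severity so the file can still be reviewed.
const PRIVATE_LABELS = new Set([
  'RSA PRIVATE KEY', 'EC PRIVATE KEY', 'DSA PRIVATE KEY',
  'PRIVATE KEY', 'ENCRYPTED PRIVATE KEY', 'OPENSSH PRIVATE KEY',
]);

function scanForPem(text, filename = '<input>') {
  const findings = [];
  for (const m of text.matchAll(PEM_BLOCK)) {
    const [, label, body] = m;
    // 1-based line of the BEGIN header, for reporting.
    const line = text.slice(0, m.index).split('\n').length;
    // Legacy PEM marks encryption with a Proc-Type header inside the block;
    // PKCS#8 signals it through the ENCRYPTED PRIVATE KEY label instead.
    const encrypted = label === 'ENCRYPTED PRIVATE KEY' ||
      /^Proc-Type: 4,ENCRYPTED/m.test(body);
    const severity = !PRIVATE_LABELS.has(label) ? 'low'
      : encrypted ? 'medium' : 'high';
    findings.push({ file: filename, line, label, encrypted, severity });
  }
  return findings;
}

function worstSeverity(findings) {
  const rank = { none: 0, low: 1, medium: 2, high: 3 };
  return findings.reduce((w, f) => (rank[f.severity] > rank[w] ? f.severity : w), 'none');
}

// Constructed sample config; the base64 bodies are filler, not real keys.
const SAMPLE_CONFIG = [
  'tls_cert = """', '-----BEGIN CERTIFICATE-----',
  'MIIBszCCAVmgAwIBAgIUAAAAAAAAAAAAAAAAAAAAAAAAAAAwCgYIKoZIzj0EAwI=',
  '-----END CERTIFICATE-----', '"""',
  'tls_key = """', '-----BEGIN RSA PRIVATE KEY-----',
  'MIIEpAIBAAKCAQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=',
  '-----END RSA PRIVATE KEY-----', '"""',
  'backup_key = """', '-----BEGIN RSA PRIVATE KEY-----',
  'Proc-Type: 4,ENCRYPTED', 'DEK-Info: AES-256-CBC,00112233445566778899AABBCCDDEEFF', '',
  'QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUE=',
  '-----END RSA PRIVATE KEY-----', '"""',
].join('\n');

for (const f of scanForPem(SAMPLE_CONFIG, 'app.conf'))
  console.log(`${f.file}:${f.line} ${f.severity.toUpperCase()} ${f.label}${f.encrypted ? ' (encrypted)' : ''}`);
```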
Vulnerable code example
// Unsafe: Private key exposed directly in source code
const privateKey = `-----BEGIN RSA PRIVATE KEY-----
MIIGBzAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMAoGCSqGSIb3DQEJAzEA
MIIF8QYJKoZIhvcNAQcBoIIF4QSCC94wggvdBgsqhkiG9w0BAQECoIIFvTCC
-----END RSA PRIVATE KEY-----`;
✅ Secure code example
// Load private key from secure environment variable or configuration file
const privateKey = process.env.PRIVATE_KEY; // Store key in environment variable instead of code
// Verify key exists before using
if (!privateKey) {
  throw new Error('Private key not found in environment variables');
}