Private IP address disclosure

Low Web Application Scanning Plugin ID 98077

Synopsis

Private IP address disclosure

Description

Private, or non-routable, IP addresses are generally used within a home or
company network and are typically unknown to anyone outside of that network.

Cyber-criminals will attempt to identify the private IP address range being used
by their victim, to aid in collecting further information that could then lead
to a possible compromise.

The scanner discovered that the affected page returned an RFC 1918 compliant private
IP address and therefore could be revealing sensitive information.

This finding typically requires manual verification to ensure the context is
correct, as any private IP address within the HTML body will trigger it.
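As an added illustration (not part of the plugin and not Tenable's own implementation), a minimal Python reproduction of the check described above: it reports every RFC 1918 address found in a response body and keeps the surrounding text so the manual verification step can judge whether the address belongs to the server or its infrastructure. The sample response is constructed.

```python
import ipaddress
import re

# Dotted-quad candidates only; the look-arounds stop a match from starting or
# ending inside a longer dotted run such as the version string 1.2.3.4.5.
_IPV4_CANDIDATE = re.compile(r"(?<![\d.])(\d{1,3}(?:\.\d{1,3}){3})(?![\d.])")

# The three RFC 1918 blocks: 10/8, 172.16/12 (172.16.0.0 - 172.31.255.255), 192.168/16.
_RFC1918 = [ipaddress.ip_network(n)
            for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_rfc1918(text: str) -> bool:
    """True only for a syntactically valid IPv4 address inside an RFC 1918 block."""
    try:
        addr = ipaddress.IPv4Address(text)
    except ValueError:          # e.g. an octet above 255, as in 192.168.300.1
        return False
    return any(addr in net for net in _RFC1918)


def find_private_ips(body: str) -> list[str]:
    """Unique RFC 1918 addresses in a response body, in order of first appearance."""
    found: list[str] = []
    for match in _IPV4_CANDIDATE.finditer(body):
        text = match.group(1)
        if is_rfc1918(text) and text not in found:
            found.append(text)
    return found


def report(body: str, context: int = 30) -> list[dict]:
    """One record per hit with the surrounding text, for manual verification."""
    records = []
    for match in _IPV4_CANDIDATE.finditer(body):
        text = match.group(1)
        if is_rfc1918(text):
            start, end = match.span(1)
            records.append({"address": text,
                            "context": body[max(0, start - context):end + context]})
    return records


# Constructed sample response (not a real capture).
SAMPLE_BODY = """<html><body>
<!-- rendered by app-node 10.0.3.12 -->
<a href="http://192.168.1.20:8080/admin">internal admin</a>
<p>Upstream: 172.31.255.254 (private), 172.32.0.1 (not private)</p>
<p>Public mirror 203.0.113.5, agent build 1.2.3.4.5, bad octet 192.168.300.1</p>
</body></html>"""

if __name__ == "__main__":
    for rec in report(SAMPLE_BODY):
        print(rec["address"], "|", rec["context"].replace("\n", " "))
```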

Solution

It is necessary to identify the context in which the affected page displays a private IP address.
If the page is publicly accessible and displays the private IP of the affected server (or supporting infrastructure), then measures should be put in place to ensure that the IP address is removed from any response.

See Also

http://projects.webappsec.org/w/page/13246936/Information%20Leakage

Plugin Details

Severity: Low

ID: 98077

Type: remote

Published: 2017/03/31

Modified: 2017/10/16

Risk Information

Risk Factor: Low

CVSSv2

Base Score: 2.6

Vector: CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N

CVSSv3

Base Score: 3.1

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

Reference Information