PCI-DSS 4.0 3.3.1

Sensitive authentication data not stored

UnveilScan findings mapped to this control

The scanner emits 1 distinct finding on this control. Click "Scan a domain" below to see which of them currently apply to your site, with copy-paste remediation snippets (nginx, Apache, DNS BIND, web-server config).

web.leak.env ⏱ 4h

WEB — Leak.env

Risk if ignored: Database password, API keys, Stripe/AWS tokens — all publicly readable. Assume full compromise: rotate every credential, audit all downstream systems.

security financial legal

Also maps to 3 other controls

ANSSI Hygiène R21 — Restreindre l'exposition des fichiers sensibles
ISO 27001:2022 A.8.24 — Use of cryptography (key management)
SOC 2 CC6.1 — Logical and physical access controls