SAS® 9.4 on Unix might disclose the location of the TLS private key used for connection with SAS IOM servers


Severity: Medium

Description: SAS® Foundation on Unix might disclose, in the SAS log, the location of the private key that is used for TLS connections with SAS/CONNECT® or SAS Workspace Servers when you specify the SSLPVTKEYLOC system option in the server configuration.

Potential Impact: Disclosure of the private key location could allow an attacker to gain access to the private key and compromise the integrity of TLS communication.
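
The following check is an added example, not part of the original advisory or of SAS software: it scans a log file for paths that follow the SSLPVTKEYLOC option name and reports whether the log and each named key file are accessible beyond their owner. The log line layout, the regular expression, the function names and the sample files are assumptions constructed for illustration; only the option name comes from the advisory.

```python
import os
import re
import stat
import tempfile

# Assumed layout: option name, optional "=", then a quoted path or a bare
# absolute Unix path. The real SAS log line format may differ.
OPTION_RE = re.compile(r"""SSLPVTKEYLOC\s*=?\s*(?:"([^"]+)"|'([^']+)'|(/\S+))""", re.I)

def find_key_paths(log_text):
    """Return the sorted, unique paths that follow SSLPVTKEYLOC in log text."""
    return sorted({next(g for g in m.groups() if g) for m in OPTION_RE.finditer(log_text)})

def loose_mode_bits(path):
    """Return the group/other permission bits set on path (0 means owner-only)."""
    return stat.S_IMODE(os.stat(path).st_mode) & 0o077

def audit(log_path):
    """Report log readability and the permission state of each key file it names."""
    with open(log_path, errors="replace") as fh:
        paths = find_key_paths(fh.read())
    # 0o044 = read bits for group and other: who else can learn the key location.
    report = {"log_exposed": bool(loose_mode_bits(log_path) & 0o044), "keys": {}}
    for p in paths:
        if not os.path.exists(p):
            report["keys"][p] = "missing"
        elif loose_mode_bits(p):
            report["keys"][p] = "group/other access"
        else:
            report["keys"][p] = "owner-only"
    return report

def demo():
    """Audit constructed sample files before and after tightening permissions."""
    d = tempfile.mkdtemp()
    key, log = os.path.join(d, "server.key"), os.path.join(d, "workspace.log")
    with open(key, "w") as fh:
        fh.write("constructed placeholder, not a real key\n")
    with open(log, "w") as fh:
        fh.write(f'NOTE: constructed sample line\nSSLPVTKEYLOC="{key}"\n')
    for f in (key, log):
        os.chmod(f, 0o644)          # world-readable starting state
    before = audit(log)
    for f in (key, log):
        os.chmod(f, 0o600)          # owner-only
    return key, before, audit(log)

if __name__ == "__main__":
    print(demo())
```
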