logo

CWE-651 - Exposure of WSDL File Containing Sensitive Information

CWE-651

  • Abstraction:
  • Variant
  • Structure:
  • Simple
  • Status:
  • Incomplete
Weakness Name

Exposure of WSDL File Containing Sensitive Information

Description

The Web services architecture may require exposing a Web Service Definition Language (WSDL) file that contains information on the publicly accessible services and how callers of these services should interact with them (e.g. what parameters they expect and what types they return).

An information exposure may occur if any of the following apply:

Common Consequences

Scope: Confidentiality

Impact: Read Application Data

Notes: The attacker may find sensitive information located in the WSDL file.

Related Weaknesses
  • Release Date:
  • 2008-01-30
  • Latest Modification Date:
  • 2023-06-29

Free security scan for your website