CWE-651 - Exposure of WSDL File Containing Sensitive Information
CWE-651
- Abstraction:
- Variant
- Structure:
- Simple
- Status:
- Incomplete
- Weakness Name
Exposure of WSDL File Containing Sensitive Information
- Description
The Web services architecture may require exposing a Web Service Definition Language (WSDL) file that contains information on the publicly accessible services and how callers of these services should interact with them (e.g. what parameters they expect and what types they return).
An information exposure may occur if any of the following apply:
- Common Consequences
Scope: Confidentiality
Impact: Read Application Data
Notes: The attacker may find sensitive information located in the WSDL file.
- Related Weaknesses
- Release Date:
- 2008-01-30
- Latest Modification Date:
- 2023-06-29
Free security scan for your website