CWE-651Exposure of WSDL File Containing Sensitive Information

PUBLISHEDweakness record
released 2008-01-30 · last modified 2025-12-11

Metadata

CWE ID:
CWE-651
摘要:
Variant
结构:
Simple
状态:
Incomplete
发布日期:
2008-01-30
更新日期:
2025-12-11

名称

Exposure of WSDL File Containing Sensitive Information

描述

The Web services architecture may require exposing a Web Service Definition Language (WSDL) file that contains information on the publicly accessible services and how callers of these services should interact with them (e.g. what parameters they expect and what types they return).

An information exposure may occur if any of the following apply:

常见后果

范围:
Confidentiality
影响:
Read Application Data
注释:
The attacker may find sensitive information located in the WSDL file.

相关 CWE