icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

SOAP '.wsdl' File Detection

Info

Synopsis

The remote web server is running a SOAP service that is enumerated via a '.wsdl' configuration file.

Description

The remote web server is running a SOAP service that is enumerated via a '.wsdl' configuration file. Distributing such files over the web can be done, but the webmaster should make sure that they do not contain confidential data.

Solution

Ensure that confidential data is not present within the '.wsdl' file. Note: PVS only reports on the first occurence of this item on a web server. Parse your entire web source for similar occurrences.