WSDL Exposure

WSDL is a simple XML-based language used by web service providers to define a service. A service provider is an application or an IT system that provides web services to other applications or IT systems. A service consumer is an application or IT system that consumes a web service.

Impact

WSDL services provide alternative, and sometimes low-level, ways to access the application and therefore need to be fully inspected for vulnerabilities.

Solution

If the services are not in use ensure that they are removed or only available to authorised personnel.