Path Disclosure Vulnerability in Apache Axis by Apache
CVE-2007-2353

Currently unrated

Key Information:

Vendor: Apache
Status: Axis
Vendor: CVE Published:; 30 April 2007

Summary

Apache Axis 1.0 is susceptible to a path disclosure vulnerability, where remote attackers can exploit the system by requesting a non-existent WSDL file. This action triggers an exception message that inadvertently reveals the installation path of the service, potentially allowing attackers to gather sensitive information about the server's configuration.

References

http://www.osvdb.org/34154

vdb-entryx_refsource_OSVDB

http://www.securityfocus.com/bid/23687

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/34167

vdb-entryx_refsource_XF

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Apr 30, 2007
Vulnerability Reserved
Apr 30, 2007