Path Disclosure Vulnerability in Apache Axis by Apache
CVE-2007-2353

Currently unrated

Key Information:

Vendor: Apache
Status: Axis
Vendor: CVE Published:; 30 April 2007

What is CVE-2007-2353?

Apache Axis 1.0 is susceptible to a path disclosure vulnerability, where remote attackers can exploit the system by requesting a non-existent WSDL file. This action triggers an exception message that inadvertently reveals the installation path of the service, potentially allowing attackers to gather sensitive information about the server's configuration.

References

http://www.osvdb.org/34154

vdb-entryx_refsource_OSVDB

http://www.securityfocus.com/bid/23687

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/34167

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 30, 2007
Vulnerability Reserved
Apr 30, 2007