What is CVE-2007-2353?

CVE-2007-2353 is a vulnerability in Apache Axis, classified under Information Disclosure. Published 2007-04-30.

Is CVE-2007-2353 known to be exploited?

12 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Information disclosure in Apache Axis

CVE-2007-2353

Apache Axis 1.0 allows remote attackers to obtain sensitive information by requesting a non-existent WSDL file, which reveals the installation path in the resulting exception message.

Vulnerability class: Information Disclosure

EPSS: 0.277 (97.8th percentile) — read the EPSS interpretation.

Affected products

Apache Axis — versions 1.0
N/a — versions n/a

Weakness classification (CWE)

CWE-200 — Information Disclosure

Public proof-of-concept exploits

References

cve@mitre.org (x_refsource_OSVDB, vdb-entry)
cve@mitre.org (Exploit, vdb-entry, x_refsource_BID)
cve@mitre.org (vdb-entry, x_refsource_XF)
cve@mitre.org (mailing-list, x_refsource_VIM)

Frequently asked questions

What is CVE-2007-2353?: CVE-2007-2353 is a vulnerability in Apache Axis, classified under Information Disclosure. Published 2007-04-30.
Is CVE-2007-2353 known to be exploited?: 12 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.