CAPEC-95: WSDL Scanning

This attack targets the WSDL interface made available by a web service. The attacker may scan the WSDL interface to reveal sensitive information about invocation patterns, underlying technology implementations and associated vulnerabilities. This type of probing is carried out to perform more serious attacks (e.g. parameter tampering, malicious content injection, command injection, etc.). WSDL files provide detailed information about the services ports and bindings available to consumers. For instance, the attacker can submit special characters or malicious content to the Web service and can cause a denial of service condition or illegal access to database records. In addition, the attacker may try to guess other private methods by using the information provided in the WSDL files.

Last updated June 1, 2026

High

Typical severity

Per MITRE

High

Likelihood of attack

Per MITRE

Related weaknesses

CWEs this targets

Detailed

Abstraction

MITRE classification

CAPEC-95: WSDL Scanning

CAPEC-95: WSDL Scanning

Overview

How the attack works

What the attacker needs

Prerequisites

Skills required

Consequences

How to mitigate it

Examples

Frequently asked questions

What is CAPEC-95?

How does a WSDL Scanning attack work?

How do you prevent CAPEC-95?

What weaknesses does CAPEC-95 target?

How severe is CAPEC-95?

References

Defend against CAPEC-95

Overview

How the attack works

What the attacker needs

Prerequisites

Skills required

Consequences

How to mitigate it

Examples

Related weaknesses

Related attack patterns

Parent

Frequently asked questions

What is CAPEC-95?

How does a WSDL Scanning attack work?

How do you prevent CAPEC-95?

What weaknesses does CAPEC-95 target?

How severe is CAPEC-95?

References

Defend against CAPEC-95