CAPEC-279: SOAP Manipulation
ID
CAPEC-279
Typical Severity
High
Likelihood Of Attack
Medium
Status
Draft
Simple Object Access Protocol (SOAP) is used as a communication protocol between a client and server to invoke web services on the server. It is an XML-based protocol, and therefore suffers from many of the same shortcomings as other XML-based protocols. Adversaries can make use of these shortcomings and manipulate the content of SOAP paramters, leading to undesirable behavior on the server and allowing the adversary to carry out a number of further attacks.
Weaknesses
# ID | Name | Type |
---|---|---|
CWE-707 | Improper Neutralization | weakness |