SOAP Request Strict Security should be enabled
Impact area
Security
Severity
High
Affected element
System property
Rule ID
SN-0174Impact
Without appropriate authorization configured on the incoming SOAP requests, an unauthorized user can get access to sensitive content/data on the target instance.
Remediation
Set the system property "glide.soap.strict_security" to true.
Time to fix
15 min
References
This rule is linked to Common Weakness Enumeration CWE-862 Missing Authorization.