I tried running a Qualys web application scan on below WSDL
and received the error message
"Failed to parse the WSDL due to following error in the WSDL.
Schema Parser Exception : Error while parsing imported namespace http://xmlns.oracle.com/ouaf Fatal Error in SchemaParser"
I am not posting my actual company URL for privacy and security reasons in a public forum but using myorg.com
I know http://xmlns.oracle.com/ouaf goes to an Error page in Oracle but this WSDL was auto-generated by Oracle weblogic for services it provides out of the box. Oracle SOA(Service-Oriented Architecture) composite is an assembly of services, service components, and references designed and deployed together in a single application and it generated this WSDL. We did not build this WSDL so cannot change this WSDL.
1. Has anyone faced such errors with Oracle SOA generated WSDL with a Qualys scan and if yes, how can this be addressed?
2. Is there a way to tell Qualys web app scanner to ignore the imported namespace error and continue scanning?
3. I see docs for Qualys scanning REST API but is there anything for doing a vulnerability scan for SOAP APIs?
4. Any other suggestions for finding vulnerabilities in SOAP API using Qualys would be helpful. We are using Business Process Execution Language for Web Services