Vulnerability Details CVE-2004-1811
The SSL HTTP Server in HP Web-enabled Management Software 5.0 through 5.92, with anonymous access enabled, allows remote attackers to compromise the trusted certificates by uploading their own certificates.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.013
EPSS Ranking 79.0%
CVSS Severity
CVSS v2 Score 7.5
References
- http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0057.html
- http://marc.info/?l=bugtraq&m=107936784030214&w=2
- http://secunia.com/advisories/11126
- http://www.ciac.org/ciac/bulletins/o-100.shtml
- http://www.immunitysec.com/downloads/hp_http.sxw.pdf
- http://www.securityfocus.com/advisories/6448
- http://www.securityfocus.com/bid/9859
- http://www.tru64.org/stories.php?story=04/03/12/0204078
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15466
- http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0057.html
- http://marc.info/?l=bugtraq&m=107936784030214&w=2
- http://secunia.com/advisories/11126
- http://www.ciac.org/ciac/bulletins/o-100.shtml
- http://www.immunitysec.com/downloads/hp_http.sxw.pdf
- http://www.securityfocus.com/advisories/6448
- http://www.securityfocus.com/bid/9859
- http://www.tru64.org/stories.php?story=04/03/12/0204078
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15466
Products affected by CVE-2004-1811
-
cpe:2.3:a:hp:ssl_http_server:5.0
-
cpe:2.3:a:hp:ssl_http_server:5.92