Vulnerability Details : CVE-2004-1811
The SSL HTTP Server in HP Web-enabled Management Software 5.0 through 5.92, with anonymous access enabled, allows remote attackers to compromise the trusted certificates by uploading their own certificates.
Products affected by CVE-2004-1811
- cpe:2.3:a:hp:ssl_http_server:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:hp:ssl_http_server:5.92:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2004-1811
1.65%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 87 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2004-1811
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
References for CVE-2004-1811
-
http://www.ciac.org/ciac/bulletins/o-100.shtml
Patch
-
http://www.tru64.org/stories.php?story=04/03/12/0204078
Patch
-
http://www.securityfocus.com/bid/9859
Patch
-
http://www.immunitysec.com/downloads/hp_http.sxw.pdf
Vendor Advisory
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/15466
-
http://www.securityfocus.com/advisories/6448
-
http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0057.html
-
http://marc.info/?l=bugtraq&m=107936784030214&w=2
Jump to