Vulnerability Details : CVE-2004-1811
The SSL HTTP Server in HP Web-enabled Management Software 5.0 through 5.92, with anonymous access enabled, allows remote attackers to compromise the trusted certificates by uploading their own certificates.
Exploit prediction scoring system (EPSS) score for CVE-2004-1811
Probability of exploitation activity in the next 30 days: 2.76%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 89 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2004-1811
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Source |
|---|---|---|---|---|---|
|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
[email protected] |
References for CVE-2004-1811
-
http://www.ciac.org/ciac/bulletins/o-100.shtml
Patch
-
http://www.tru64.org/stories.php?story=04/03/12/0204078
Patch
-
http://www.securityfocus.com/bid/9859
Patch
-
http://www.immunitysec.com/downloads/hp_http.sxw.pdf
Vendor Advisory
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/15466
-
http://www.securityfocus.com/advisories/6448
-
http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0057.html
- http://marc.info/?l=bugtraq&m=107936784030214&w=2
Products affected by CVE-2004-1811
- cpe:2.3:a:hp:ssl_http_server:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:hp:ssl_http_server:5.92:*:*:*:*:*:*:*