PT-2004-2710 · Hewlett Packard · Hp Web-Enabled Management

Published

2004-12-31

Updated

2017-07-11

CVE-2004-1811

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions HP Web-enabled Management Software versions 5.0 through 5.92

Description The issue allows remote attackers to compromise trusted certificates by uploading their own certificates when anonymous access is enabled in the SSL HTTP Server.

Recommendations For HP Web-enabled Management Software versions 5.0 through 5.92, disable anonymous access to prevent the upload of unauthorized certificates.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2004-1811

Affected Products

Hp Web-Enabled Management

PT-2004-2710 · Hewlett Packard · Hp Web-Enabled Management

CVE-2004-1811

Related Identifiers

Affected Products

References · 10