Unauthorized Certificate Upload in HP Web-enabled Management Software
CVE-2004-1811

Currently unrated

Key Information:

Vendor: HP
Status: Ssl Http Server
Vendor: CVE Published:; 31 December 2004

Summary

The SSL HTTP Server in HP Web-enabled Management Software versions 5.0 through 5.92, when configured with anonymous access, allows remote attackers to upload malicious certificates. This action can compromise the integrity of the trusted certificates, posing significant risks to system security and data protection.

References

http://marc.info/?l=bugtraq&m=107936784030214&w=2

mailing-listx_refsource_BUGTRAQ

http://www.securityfocus.com/bid/9859

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/15466

vdb-entryx_refsource_XF

Timeline

Vulnerability Reserved
May 4, 2005
Vulnerability published
Dec 31, 2004