CVE-2001-1569

2005-07-1404:00:00

mitre

www.cve.org

openwave

wap gateway

ssl certificate

spoofing

vulnerability

AI Score

6.5

Confidence

Low

EPSS

0.003

Percentile

65.4%

JSON

Openwave WAP gateway does not verify the fully qualified domain name URL with X.509 certificates from root certificate authorities, which allows remote attackers to spoof SSL certificates via a man-in-the-middle attack.

References

www.iss.net/security_center/static/6814.php

www.securityfocus.com/archive/1/195619