Vulnerability Description
CMG WAP gateway does not verify the fully qualified domain name URL with X.509 certificates from root certificate authorities, which allows remote attackers to spoof SSL certificates via a man-in-the-middle attack.
CVSS Score
6.4
MEDIUM
AV:N/AC:L/Au:N/C:P/I:P/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cmg | Wap Gateway | All versions |
References
- http://archives.neohapsis.com/archives/bugtraq/2001-07/0127.html
- http://www.iss.net/security_center/static/6814.php
- http://archives.neohapsis.com/archives/bugtraq/2001-07/0127.html
- http://www.iss.net/security_center/static/6814.php
FAQ
What is CVE-2001-1568?
CVE-2001-1568 is a vulnerability with a CVSS score of 6.4 (MEDIUM). CMG WAP gateway does not verify the fully qualified domain name URL with X.509 certificates from root certificate authorities, which allows remote attackers to spoof SSL certificates via a man-in-the-...
How severe is CVE-2001-1568?
CVE-2001-1568 has been rated MEDIUM with a CVSS base score of 6.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2001-1568?
Check the references section above for vendor advisories and patch information. Affected products include: Cmg Wap Gateway.