Vulnerability Description
Openwave WAP gateway does not verify the fully qualified domain name URL with X.509 certificates from root certificate authorities, which allows remote attackers to spoof SSL certificates via a man-in-the-middle attack.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cmg | Openwave Wap Gateway | All versions |
References
- http://www.iss.net/security_center/static/6814.php
- http://www.securityfocus.com/archive/1/195619
- http://www.iss.net/security_center/static/6814.php
- http://www.securityfocus.com/archive/1/195619
FAQ
What is CVE-2001-1569?
CVE-2001-1569 is a vulnerability with a CVSS score of 6.4 (MEDIUM). Openwave WAP gateway does not verify the fully qualified domain name URL with X.509 certificates from root certificate authorities, which allows remote attackers to spoof SSL certificates via a man-in...
How severe is CVE-2001-1569?
CVE-2001-1569 has been rated MEDIUM with a CVSS base score of 6.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2001-1569?
Check the references section above for vendor advisories and patch information. Affected products include: Cmg Openwave Wap Gateway.