CVE-2001-1569 - Vulnerability Details - OpenCVE

Openwave WAP gateway does not verify the fully qualified domain name URL with X.509 certificates from root certificate authorities, which allows remote attackers to spoof SSL certificates via a man-in-the-middle attack.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact None

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Cmg	Openwave Wap Gateway

Configuration 1 [-]

cpe:2.3:a:cmg:openwave_wap_gateway:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://www.iss.net/security_center/static/6814.php
http://www.securityfocus.com/archive/1/195619

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2005-07-14T04:00:00Z

Updated: 2024-09-17T02:31:38.538Z

Reserved: 2005-07-14T00:00:00Z

Link: CVE-2001-1569

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2001-12-31T05:00:00.000

Modified: 2025-04-03T01:03:51.193

Link: CVE-2001-1569

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Openwave WAP gateway does not verify the fully qualified domain name URL with X.509 certificates from root certificate authorities, which allows remote attackers to spoof SSL certificates via a man-in-the-middle attack."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2005-07-14T04:00:00Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "wap-gateway-ssl-certificates(6814)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "http://www.iss.net/security_center/static/6814.php"}, {"name": "20010709 Many WAP gateways do not properly check SSL certificates", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/195619"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2001-1569", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Openwave WAP gateway does not verify the fully qualified domain name URL with X.509 certificates from root certificate authorities, which allows remote attackers to spoof SSL certificates via a man-in-the-middle attack."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "wap-gateway-ssl-certificates(6814)", "refsource": "XF", "url": "http://www.iss.net/security_center/static/6814.php"}, {"name": "20010709 Many WAP gateways do not properly check SSL certificates", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/195619"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T04:58:11.457Z"}, "title": "CVE Program Container", "references": [{"name": "wap-gateway-ssl-certificates(6814)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "http://www.iss.net/security_center/static/6814.php"}, {"name": "20010709 Many WAP gateways do not properly check SSL certificates", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/195619"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2001-1569", "datePublished": "2005-07-14T04:00:00Z", "dateReserved": "2005-07-14T00:00:00Z", "dateUpdated": "2024-09-17T02:31:38.538Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}