Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
CVE-2011-0633
CVE information
Published
Last Modified
CVSSv2.0 Severity
Impact Analysis
Description
The Net::HTTPS module in libwww-perl (LWP) before 6.00, as used in WWW::Mechanize, LWP::UserAgent, and other products, when running in environments that do not set the If-SSL-Cert-Subject header, does not enable full validation of SSL certificates by default, which allows remote attackers to spoof servers via man-in-the-middle (MITM) attacks involving hostnames that are not properly validated. NOTE: it could be argued that this is a design limitation of the Net::HTTPS API, and separate implementations should be independently assigned CVE identifiers for not working around this limitation. However, because this API was modified within LWP, a single CVE identifier has been assigned..
CVSSv2.0 Score
- Severity
- Medium
- Base Score
- 4.3/10
- Exploit Score
- 8.6/10
- Access Vector
- Network
- Access Complexity
- Medium
- Authentication Required
- None
- Impact Score
- 2.9/10
- Confidentiality Impact
- None
- Availability Impact
- None
- Integrity Impact
- Partial
Products Affected
| CPE | Affected | Vulnerable | Excluding | Edit |
|---|---|---|---|---|
| cpe:2.3:a:search.cpan:libwww-perl:5.40_01:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:search.cpan:libwww-perl:*:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.828:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.827:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.826:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.825:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.811:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.810:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.808:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.807:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.74:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.73:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.72:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.71:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.53_92:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.53_91:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.53_90:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.53:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.52:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.36:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.35:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.34:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.33:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.15:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.14:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.13:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.12:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5b12:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5b11:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5b10:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5b9:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.836:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.833:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.820:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.819:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.818:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.817:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.802:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.801:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.800:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.79:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.65:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.64:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.63:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.62:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.53_97:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.47:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.46:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.45:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.44:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.20:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.19:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.18_05:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.18_04:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.07:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.06:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.05:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.04:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:0.04:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:0.03:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:0.02:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:0.01:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.831:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.829:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.824:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.822:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.815:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.813:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.805:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.803:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.78:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.76:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.69:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.67:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.60:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.53_96:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.53_94:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.51:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.49:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.42:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.32:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.30:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.21:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.18_03:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.17:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.10:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.08:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.03:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.01:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5b13:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5b8:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5b6:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.834:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.832:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.830:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.823:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.821:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.816:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.814:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.812:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.806:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.804:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.77:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.75:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.70:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.68:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.66:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.61:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.53_95:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.53_93:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.50:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.48:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.43:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.41:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.31:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.22:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.18:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.16:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.11:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.09:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.02:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5.00:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5b7:*:*:*:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:a:gisle_aas:libwww-perl:5b5:*:*:*:*:*:*:* |
Yes
|
- | - |