Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for wireless_handset by vocera

    CVE-2008-1114 (GCVE-0-2008-1114)

    Vulnerability from nvd – Published: 2008-03-03 18:00 – Updated: 2024-09-17 04:08
    VLAI
    Summary
    Vocera Communications wireless handsets, when using Protected Extensible Authentication Protocol (PEAP), do not validate server certificates, which allows remote wireless access points to steal hashed passwords and conduct man-in-the-middle (MITM) attacks.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T08:08:57.608Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://blogs.zdnet.com/security/?p=896"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.vocera.com/downloads/InfrastructureGuide.pdf"
              },
              {
                "name": "20080221 Cisco and Vocera wireless LAN VoIP devices don\u0027t check certificates",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2008/Feb/0402.html"
              },
              {
                "name": "27935",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/27935"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://blogs.zdnet.com/security/?p=901"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Vocera Communications wireless handsets, when using Protected Extensible Authentication Protocol (PEAP), do not validate server certificates, which allows remote wireless access points to steal hashed passwords and conduct man-in-the-middle (MITM) attacks."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2008-03-03T18:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://blogs.zdnet.com/security/?p=896"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.vocera.com/downloads/InfrastructureGuide.pdf"
            },
            {
              "name": "20080221 Cisco and Vocera wireless LAN VoIP devices don\u0027t check certificates",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2008/Feb/0402.html"
            },
            {
              "name": "27935",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/27935"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://blogs.zdnet.com/security/?p=901"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-1114",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Vocera Communications wireless handsets, when using Protected Extensible Authentication Protocol (PEAP), do not validate server certificates, which allows remote wireless access points to steal hashed passwords and conduct man-in-the-middle (MITM) attacks."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://blogs.zdnet.com/security/?p=896",
                  "refsource": "MISC",
                  "url": "http://blogs.zdnet.com/security/?p=896"
                },
                {
                  "name": "http://www.vocera.com/downloads/InfrastructureGuide.pdf",
                  "refsource": "CONFIRM",
                  "url": "http://www.vocera.com/downloads/InfrastructureGuide.pdf"
                },
                {
                  "name": "20080221 Cisco and Vocera wireless LAN VoIP devices don\u0027t check certificates",
                  "refsource": "FULLDISC",
                  "url": "http://seclists.org/fulldisclosure/2008/Feb/0402.html"
                },
                {
                  "name": "27935",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/27935"
                },
                {
                  "name": "http://blogs.zdnet.com/security/?p=901",
                  "refsource": "MISC",
                  "url": "http://blogs.zdnet.com/security/?p=901"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-1114",
        "datePublished": "2008-03-03T18:00:00.000Z",
        "dateReserved": "2008-03-03T00:00:00.000Z",
        "dateUpdated": "2024-09-17T04:08:42.687Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-1114 (GCVE-0-2008-1114)

    Vulnerability from cvelistv5 – Published: 2008-03-03 18:00 – Updated: 2024-09-17 04:08
    VLAI
    Summary
    Vocera Communications wireless handsets, when using Protected Extensible Authentication Protocol (PEAP), do not validate server certificates, which allows remote wireless access points to steal hashed passwords and conduct man-in-the-middle (MITM) attacks.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T08:08:57.608Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://blogs.zdnet.com/security/?p=896"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.vocera.com/downloads/InfrastructureGuide.pdf"
              },
              {
                "name": "20080221 Cisco and Vocera wireless LAN VoIP devices don\u0027t check certificates",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2008/Feb/0402.html"
              },
              {
                "name": "27935",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/27935"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://blogs.zdnet.com/security/?p=901"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Vocera Communications wireless handsets, when using Protected Extensible Authentication Protocol (PEAP), do not validate server certificates, which allows remote wireless access points to steal hashed passwords and conduct man-in-the-middle (MITM) attacks."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2008-03-03T18:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://blogs.zdnet.com/security/?p=896"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.vocera.com/downloads/InfrastructureGuide.pdf"
            },
            {
              "name": "20080221 Cisco and Vocera wireless LAN VoIP devices don\u0027t check certificates",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2008/Feb/0402.html"
            },
            {
              "name": "27935",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/27935"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://blogs.zdnet.com/security/?p=901"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-1114",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Vocera Communications wireless handsets, when using Protected Extensible Authentication Protocol (PEAP), do not validate server certificates, which allows remote wireless access points to steal hashed passwords and conduct man-in-the-middle (MITM) attacks."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://blogs.zdnet.com/security/?p=896",
                  "refsource": "MISC",
                  "url": "http://blogs.zdnet.com/security/?p=896"
                },
                {
                  "name": "http://www.vocera.com/downloads/InfrastructureGuide.pdf",
                  "refsource": "CONFIRM",
                  "url": "http://www.vocera.com/downloads/InfrastructureGuide.pdf"
                },
                {
                  "name": "20080221 Cisco and Vocera wireless LAN VoIP devices don\u0027t check certificates",
                  "refsource": "FULLDISC",
                  "url": "http://seclists.org/fulldisclosure/2008/Feb/0402.html"
                },
                {
                  "name": "27935",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/27935"
                },
                {
                  "name": "http://blogs.zdnet.com/security/?p=901",
                  "refsource": "MISC",
                  "url": "http://blogs.zdnet.com/security/?p=901"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-1114",
        "datePublished": "2008-03-03T18:00:00.000Z",
        "dateReserved": "2008-03-03T00:00:00.000Z",
        "dateUpdated": "2024-09-17T04:08:42.687Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }