Search
Find a vulnerability
Search criteria
2 vulnerabilities found for wireless_handset by vocera
CVE-2008-1114 (GCVE-0-2008-1114)
Vulnerability from nvd – Published: 2008-03-03 18:00 – Updated: 2024-09-17 04:08
VLAI
EPSS
VEX
Summary
Vocera Communications wireless handsets, when using Protected Extensible Authentication Protocol (PEAP), do not validate server certificates, which allows remote wireless access points to steal hashed passwords and conduct man-in-the-middle (MITM) attacks.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://blogs.zdnet.com/security/?p=896 | x_refsource_MISC |
| http://www.vocera.com/downloads/InfrastructureGuide.pdf | x_refsource_CONFIRM |
| http://seclists.org/fulldisclosure/2008/Feb/0402.html | mailing-listx_refsource_FULLDISC |
| http://www.securityfocus.com/bid/27935 | vdb-entryx_refsource_BID |
| http://blogs.zdnet.com/security/?p=901 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:08:57.608Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blogs.zdnet.com/security/?p=896"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vocera.com/downloads/InfrastructureGuide.pdf"
},
{
"name": "20080221 Cisco and Vocera wireless LAN VoIP devices don\u0027t check certificates",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2008/Feb/0402.html"
},
{
"name": "27935",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27935"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blogs.zdnet.com/security/?p=901"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Vocera Communications wireless handsets, when using Protected Extensible Authentication Protocol (PEAP), do not validate server certificates, which allows remote wireless access points to steal hashed passwords and conduct man-in-the-middle (MITM) attacks."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-03-03T18:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blogs.zdnet.com/security/?p=896"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vocera.com/downloads/InfrastructureGuide.pdf"
},
{
"name": "20080221 Cisco and Vocera wireless LAN VoIP devices don\u0027t check certificates",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2008/Feb/0402.html"
},
{
"name": "27935",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27935"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blogs.zdnet.com/security/?p=901"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1114",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vocera Communications wireless handsets, when using Protected Extensible Authentication Protocol (PEAP), do not validate server certificates, which allows remote wireless access points to steal hashed passwords and conduct man-in-the-middle (MITM) attacks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://blogs.zdnet.com/security/?p=896",
"refsource": "MISC",
"url": "http://blogs.zdnet.com/security/?p=896"
},
{
"name": "http://www.vocera.com/downloads/InfrastructureGuide.pdf",
"refsource": "CONFIRM",
"url": "http://www.vocera.com/downloads/InfrastructureGuide.pdf"
},
{
"name": "20080221 Cisco and Vocera wireless LAN VoIP devices don\u0027t check certificates",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2008/Feb/0402.html"
},
{
"name": "27935",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27935"
},
{
"name": "http://blogs.zdnet.com/security/?p=901",
"refsource": "MISC",
"url": "http://blogs.zdnet.com/security/?p=901"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1114",
"datePublished": "2008-03-03T18:00:00.000Z",
"dateReserved": "2008-03-03T00:00:00.000Z",
"dateUpdated": "2024-09-17T04:08:42.687Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1114 (GCVE-0-2008-1114)
Vulnerability from cvelistv5 – Published: 2008-03-03 18:00 – Updated: 2024-09-17 04:08
VLAI
EPSS
VEX
Summary
Vocera Communications wireless handsets, when using Protected Extensible Authentication Protocol (PEAP), do not validate server certificates, which allows remote wireless access points to steal hashed passwords and conduct man-in-the-middle (MITM) attacks.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://blogs.zdnet.com/security/?p=896 | x_refsource_MISC |
| http://www.vocera.com/downloads/InfrastructureGuide.pdf | x_refsource_CONFIRM |
| http://seclists.org/fulldisclosure/2008/Feb/0402.html | mailing-listx_refsource_FULLDISC |
| http://www.securityfocus.com/bid/27935 | vdb-entryx_refsource_BID |
| http://blogs.zdnet.com/security/?p=901 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:08:57.608Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blogs.zdnet.com/security/?p=896"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vocera.com/downloads/InfrastructureGuide.pdf"
},
{
"name": "20080221 Cisco and Vocera wireless LAN VoIP devices don\u0027t check certificates",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2008/Feb/0402.html"
},
{
"name": "27935",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27935"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blogs.zdnet.com/security/?p=901"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Vocera Communications wireless handsets, when using Protected Extensible Authentication Protocol (PEAP), do not validate server certificates, which allows remote wireless access points to steal hashed passwords and conduct man-in-the-middle (MITM) attacks."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-03-03T18:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blogs.zdnet.com/security/?p=896"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vocera.com/downloads/InfrastructureGuide.pdf"
},
{
"name": "20080221 Cisco and Vocera wireless LAN VoIP devices don\u0027t check certificates",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2008/Feb/0402.html"
},
{
"name": "27935",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27935"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blogs.zdnet.com/security/?p=901"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1114",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vocera Communications wireless handsets, when using Protected Extensible Authentication Protocol (PEAP), do not validate server certificates, which allows remote wireless access points to steal hashed passwords and conduct man-in-the-middle (MITM) attacks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://blogs.zdnet.com/security/?p=896",
"refsource": "MISC",
"url": "http://blogs.zdnet.com/security/?p=896"
},
{
"name": "http://www.vocera.com/downloads/InfrastructureGuide.pdf",
"refsource": "CONFIRM",
"url": "http://www.vocera.com/downloads/InfrastructureGuide.pdf"
},
{
"name": "20080221 Cisco and Vocera wireless LAN VoIP devices don\u0027t check certificates",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2008/Feb/0402.html"
},
{
"name": "27935",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27935"
},
{
"name": "http://blogs.zdnet.com/security/?p=901",
"refsource": "MISC",
"url": "http://blogs.zdnet.com/security/?p=901"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1114",
"datePublished": "2008-03-03T18:00:00.000Z",
"dateReserved": "2008-03-03T00:00:00.000Z",
"dateUpdated": "2024-09-17T04:08:42.687Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}