Search
Find a vulnerability
Search criteria
2 vulnerabilities by vocera_communications
CVE-2008-1113 (GCVE-0-2008-1113)
Vulnerability from nvd – Published: 2008-03-03 18:00 – Updated: 2024-09-16 17:29
VLAI
EPSS
VEX
Summary
Cisco Unified Wireless IP Phone 7921, when using Protected Extensible Authentication Protocol (PEAP), does not validate server certificates, which allows remote wireless access points to steal hashed passwords and conduct man-in-the-middle (MITM) attacks.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://blogs.zdnet.com/security/?p=896 | x_refsource_MISC |
| http://seclists.org/fulldisclosure/2008/Feb/0449.html | mailing-listx_refsource_FULLDISC |
| http://securitytracker.com/id?1019494 | vdb-entryx_refsource_SECTRACK |
| http://seclists.org/fulldisclosure/2008/Feb/0402.html | mailing-listx_refsource_FULLDISC |
| http://www.securityfocus.com/bid/27935 | vdb-entryx_refsource_BID |
| http://blogs.zdnet.com/security/?p=901 | x_refsource_MISC |
| http://secunia.com/advisories/29082 | third-party-advisoryx_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:08:57.551Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blogs.zdnet.com/security/?p=896"
},
{
"name": "20080223 Cisco confirms vulnerability in 7921 Wi-Fi IP phone",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2008/Feb/0449.html"
},
{
"name": "1019494",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1019494"
},
{
"name": "20080221 Cisco and Vocera wireless LAN VoIP devices don\u0027t check certificates",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2008/Feb/0402.html"
},
{
"name": "27935",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27935"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blogs.zdnet.com/security/?p=901"
},
{
"name": "29082",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29082"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cisco Unified Wireless IP Phone 7921, when using Protected Extensible Authentication Protocol (PEAP), does not validate server certificates, which allows remote wireless access points to steal hashed passwords and conduct man-in-the-middle (MITM) attacks."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-03-03T18:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blogs.zdnet.com/security/?p=896"
},
{
"name": "20080223 Cisco confirms vulnerability in 7921 Wi-Fi IP phone",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2008/Feb/0449.html"
},
{
"name": "1019494",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1019494"
},
{
"name": "20080221 Cisco and Vocera wireless LAN VoIP devices don\u0027t check certificates",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2008/Feb/0402.html"
},
{
"name": "27935",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27935"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blogs.zdnet.com/security/?p=901"
},
{
"name": "29082",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29082"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1113",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Unified Wireless IP Phone 7921, when using Protected Extensible Authentication Protocol (PEAP), does not validate server certificates, which allows remote wireless access points to steal hashed passwords and conduct man-in-the-middle (MITM) attacks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://blogs.zdnet.com/security/?p=896",
"refsource": "MISC",
"url": "http://blogs.zdnet.com/security/?p=896"
},
{
"name": "20080223 Cisco confirms vulnerability in 7921 Wi-Fi IP phone",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2008/Feb/0449.html"
},
{
"name": "1019494",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1019494"
},
{
"name": "20080221 Cisco and Vocera wireless LAN VoIP devices don\u0027t check certificates",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2008/Feb/0402.html"
},
{
"name": "27935",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27935"
},
{
"name": "http://blogs.zdnet.com/security/?p=901",
"refsource": "MISC",
"url": "http://blogs.zdnet.com/security/?p=901"
},
{
"name": "29082",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29082"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1113",
"datePublished": "2008-03-03T18:00:00.000Z",
"dateReserved": "2008-03-03T00:00:00.000Z",
"dateUpdated": "2024-09-16T17:29:07.443Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1113 (GCVE-0-2008-1113)
Vulnerability from cvelistv5 – Published: 2008-03-03 18:00 – Updated: 2024-09-16 17:29
VLAI
EPSS
VEX
Summary
Cisco Unified Wireless IP Phone 7921, when using Protected Extensible Authentication Protocol (PEAP), does not validate server certificates, which allows remote wireless access points to steal hashed passwords and conduct man-in-the-middle (MITM) attacks.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://blogs.zdnet.com/security/?p=896 | x_refsource_MISC |
| http://seclists.org/fulldisclosure/2008/Feb/0449.html | mailing-listx_refsource_FULLDISC |
| http://securitytracker.com/id?1019494 | vdb-entryx_refsource_SECTRACK |
| http://seclists.org/fulldisclosure/2008/Feb/0402.html | mailing-listx_refsource_FULLDISC |
| http://www.securityfocus.com/bid/27935 | vdb-entryx_refsource_BID |
| http://blogs.zdnet.com/security/?p=901 | x_refsource_MISC |
| http://secunia.com/advisories/29082 | third-party-advisoryx_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:08:57.551Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blogs.zdnet.com/security/?p=896"
},
{
"name": "20080223 Cisco confirms vulnerability in 7921 Wi-Fi IP phone",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2008/Feb/0449.html"
},
{
"name": "1019494",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1019494"
},
{
"name": "20080221 Cisco and Vocera wireless LAN VoIP devices don\u0027t check certificates",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2008/Feb/0402.html"
},
{
"name": "27935",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27935"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blogs.zdnet.com/security/?p=901"
},
{
"name": "29082",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29082"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cisco Unified Wireless IP Phone 7921, when using Protected Extensible Authentication Protocol (PEAP), does not validate server certificates, which allows remote wireless access points to steal hashed passwords and conduct man-in-the-middle (MITM) attacks."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-03-03T18:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blogs.zdnet.com/security/?p=896"
},
{
"name": "20080223 Cisco confirms vulnerability in 7921 Wi-Fi IP phone",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2008/Feb/0449.html"
},
{
"name": "1019494",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1019494"
},
{
"name": "20080221 Cisco and Vocera wireless LAN VoIP devices don\u0027t check certificates",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2008/Feb/0402.html"
},
{
"name": "27935",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27935"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blogs.zdnet.com/security/?p=901"
},
{
"name": "29082",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29082"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1113",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Unified Wireless IP Phone 7921, when using Protected Extensible Authentication Protocol (PEAP), does not validate server certificates, which allows remote wireless access points to steal hashed passwords and conduct man-in-the-middle (MITM) attacks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://blogs.zdnet.com/security/?p=896",
"refsource": "MISC",
"url": "http://blogs.zdnet.com/security/?p=896"
},
{
"name": "20080223 Cisco confirms vulnerability in 7921 Wi-Fi IP phone",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2008/Feb/0449.html"
},
{
"name": "1019494",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1019494"
},
{
"name": "20080221 Cisco and Vocera wireless LAN VoIP devices don\u0027t check certificates",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2008/Feb/0402.html"
},
{
"name": "27935",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27935"
},
{
"name": "http://blogs.zdnet.com/security/?p=901",
"refsource": "MISC",
"url": "http://blogs.zdnet.com/security/?p=901"
},
{
"name": "29082",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29082"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1113",
"datePublished": "2008-03-03T18:00:00.000Z",
"dateReserved": "2008-03-03T00:00:00.000Z",
"dateUpdated": "2024-09-16T17:29:07.443Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}