CVE-2008-1113

Cisco Unified Wireless IP Phone 7921, when using Protected Extensible Authentication Protocol (PEAP), does not validate server certificates, which allows remote wireless access points to steal hashed passwords and conduct man-in-the-middle (MITM) attacks.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:C/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 46%
VendorProductVersion
vocera_communicationsvocera_communications_badge
*
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://blogs.zdnet.com/security/?p=896
http://blogs.zdnet.com/security/?p=901
http://seclists.org/fulldisclosure/2008/Feb/0402.html
http://seclists.org/fulldisclosure/2008/Feb/0449.html
http://secunia.com/advisories/29082
http://securitytracker.com/id?1019494
http://www.securityfocus.com/bid/27935
http://blogs.zdnet.com/security/?p=896
http://blogs.zdnet.com/security/?p=901
http://seclists.org/fulldisclosure/2008/Feb/0402.html
http://seclists.org/fulldisclosure/2008/Feb/0449.html
http://secunia.com/advisories/29082
http://securitytracker.com/id?1019494
http://www.securityfocus.com/bid/27935