Lucene search

[email protected]CVE-2008-1113

HistoryOct 03, 2022 - 4:13 p.m.

CVE-2008-1113

2022-10-0316:13:47

CWE-200

[email protected]

web.nvd.nist.gov

cisco

7921

vulnerability

mitm

peap

nvd

cve-2008-1113

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

6.7 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

55.4%

JSON

Cisco Unified Wireless IP Phone 7921, when using Protected Extensible Authentication Protocol (PEAP), does not validate server certificates, which allows remote wireless access points to steal hashed passwords and conduct man-in-the-middle (MITM) attacks.

Affected configurations

NVD

Node

cisco7921_wireless_ip_phone

AND

vocera_communicationsvocera_communications_badge

CPENameOperatorVersion
vocera_communications:vocera_communications_badgevocera communications vocera communications badgeeq*

CPE	Name	Operator	Version
vocera_communications:vocera_communications_badge	vocera communications vocera communications badge	eq	*

References

blogs.zdnet.com/security/?p=896

blogs.zdnet.com/security/?p=901

seclists.org/fulldisclosure/2008/Feb/0402.html

seclists.org/fulldisclosure/2008/Feb/0449.html

secunia.com/advisories/29082

securitytracker.com/id?1019494

www.securityfocus.com/bid/27935

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

6.7 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

55.4%

JSON

Related for CVE-2008-1113

cvelist1 nvd1 prion1