Lucene search

MitreCVELIST:CVE-2008-1113

HistoryOct 03, 2022 - 4:13 p.m.

CVE-2008-1113

2022-10-0316:13:47

mitre

www.cve.org

cisco

wireless

authentication

man-in-the-middle

7921

cve-2008-1113

peap

server certificates

6.7 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

55.4%

JSON

Cisco Unified Wireless IP Phone 7921, when using Protected Extensible Authentication Protocol (PEAP), does not validate server certificates, which allows remote wireless access points to steal hashed passwords and conduct man-in-the-middle (MITM) attacks.

References

blogs.zdnet.com/security/?p=896

blogs.zdnet.com/security/?p=901

seclists.org/fulldisclosure/2008/Feb/0402.html

seclists.org/fulldisclosure/2008/Feb/0449.html

secunia.com/advisories/29082

securitytracker.com/id?1019494

www.securityfocus.com/bid/27935