CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2008-1113

Cisco Unified Wireless IP Phone 7921, when using Protected Extensible Authentication Protocol (PEAP), does not validate server certificates, which allows remote wireless access points to steal hashed passwords and conduct man-in-the-middle (MITM) attacks.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 46.8%

CVSS Severity

CVSS v2 Score 7.8

References

http://blogs.zdnet.com/security/?p=896
http://blogs.zdnet.com/security/?p=901
http://seclists.org/fulldisclosure/2008/Feb/0402.html
http://seclists.org/fulldisclosure/2008/Feb/0449.html
http://secunia.com/advisories/29082
http://securitytracker.com/id?1019494
http://www.securityfocus.com/bid/27935
http://blogs.zdnet.com/security/?p=896
http://blogs.zdnet.com/security/?p=901
http://seclists.org/fulldisclosure/2008/Feb/0402.html
http://seclists.org/fulldisclosure/2008/Feb/0449.html
http://secunia.com/advisories/29082
http://securitytracker.com/id?1019494
http://www.securityfocus.com/bid/27935

Products affected by CVE-2008-1113

Vocera Communications » Vocera Communications Badge » Version: Any

cpe:2.3:a:vocera_communications:vocera_communications_badge:*
Cisco » 7921 Wireless Ip Phone » Version: Any

cpe:2.3:h:cisco:7921_wireless_ip_phone:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-1113

Products

Pricing

Contact Us