CVE-2008-1113

Cisco Unified Wireless IP Phone 7921 - MITM

Title source: llm
STIX 2.1

Description

Cisco Unified Wireless IP Phone 7921, when using Protected Extensible Authentication Protocol (PEAP), does not validate server certificates, which allows remote wireless access points to steal hashed passwords and conduct man-in-the-middle (MITM) attacks.

References (7)

Core 7
Core References
Various Sources x_refsource_misc
http://blogs.zdnet.com/security/?p=896
Mailing List mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2008/Feb/0449.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1019494
Mailing List mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2008/Feb/0402.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/27935
Various Sources x_refsource_misc
http://blogs.zdnet.com/security/?p=901
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/29082

Scores

EPSS 0.0089
EPSS Percentile 55.0%

Details

CWE
CWE-200
Status published
Products (1)
vocera_communications/vocera_communications_badge
Published Mar 03, 2008
Tracked Since Feb 18, 2026