QwikSec

Security Database

CVE

CWE

Training

CVE-2008-1113

Published: Mar 3, 2008

Modified: Sep 16, 2024

PUBLISHED

Description

Cisco Unified Wireless IP Phone 7921, when using Protected Extensible Authentication Protocol (PEAP), does not validate server certificates, which allows remote wireless access points to steal hashed passwords and conduct man-in-the-middle (MITM) attacks.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://blogs.zdnet.com/security/?p=896

x_refsource_MISC

20080223 Cisco confirms vulnerability in 7921 Wi-Fi IP phone

mailing-list

x_refsource_FULLDISC

vdb-entry

x_refsource_SECTRACK

20080221 Cisco and Vocera wireless LAN VoIP devices don't check certificates

mailing-list

x_refsource_FULLDISC

vdb-entry

x_refsource_BID

http://blogs.zdnet.com/security/?p=901

x_refsource_MISC

third-party-advisory

x_refsource_SECUNIA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.