Back to search
CVE-2008-1114
Published: Mar 3, 2008
Modified: Sep 17, 2024
PUBLISHED
Description
Vocera Communications wireless handsets, when using Protected Extensible Authentication Protocol (PEAP), do not validate server certificates, which allows remote wireless access points to steal hashed passwords and conduct man-in-the-middle (MITM) attacks.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://blogs.zdnet.com/security/?p=896
x_refsource_MISC
http://www.vocera.com/downloads/InfrastructureGuide.pdf
x_refsource_CONFIRM
20080221 Cisco and Vocera wireless LAN VoIP devices don't check certificates
mailing-list
x_refsource_FULLDISC
27935
vdb-entry
x_refsource_BID
http://blogs.zdnet.com/security/?p=901
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now