Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
14 vulnerabilities by vocera
VAR-200803-0287
Vulnerability from variot - Updated: 2023-12-18 12:32Cisco Unified Wireless IP Phone 7921, when using Protected Extensible Authentication Protocol (PEAP), does not validate server certificates, which allows remote wireless access points to steal hashed passwords and conduct man-in-the-middle (MITM) attacks. Multiple VoIP products are prone to a security-bypass vulnerability in their PEAP implementation because their software fails to properly validate server certificates. Successfully exploiting this issue allows attackers to perform man-in-the-middle attacks by impersonating trusted authentication servers. This will aid in further attacks. The following products are prone to this issue: - Vocera Communications System badges - Cisco Wireless IP Phone 7921 Other devices and packages may also be affected. ----------------------------------------------------------------------
A new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI has been released. The new version includes many new and advanced features, which makes it even easier to stay patched.
Download and test it today: https://psi.secunia.com/
Read more about this new version: https://psi.secunia.com/?page=changelog
TITLE: Cisco IP Phone 7921 Insecure PEAP Implementation
SECUNIA ADVISORY ID: SA29082
VERIFY ADVISORY: http://secunia.com/advisories/29082/
CRITICAL: Less critical
IMPACT: Exposure of sensitive information
WHERE:
From local network
OPERATING SYSTEM: Cisco IP Phone 7921 http://secunia.com/product/17833/
DESCRIPTION: A security issue has been reported in Cisco IP Phone 7921, which potentially can be exploited by malicious people to disclose sensitive information.
The problem is that server certificates are not validated when using the PEAP protocol. This can be exploited to e.g. gain knowledge of authentication credentials when a user is tricked into connecting to a malicious authentication server.
SOLUTION: The vendor is reportedly working on a update and recommends using EAP-TLS instead of PEAP.
PROVIDED AND/OR DISCOVERED BY: Unknown researchers reported via ZDNet's Zero Day blog.
OTHER REFERENCES: http://blogs.zdnet.com/security/?p=896 http://blogs.zdnet.com/security/?p=901
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200803-0287",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "communications badge",
"scope": "eq",
"trust": 1.0,
"vendor": "vocera",
"version": "*"
},
{
"model": "communications badge",
"scope": null,
"trust": 0.8,
"vendor": "vocera",
"version": null
},
{
"model": "7921 wireless ip phone",
"scope": null,
"trust": 0.6,
"vendor": "cisco",
"version": null
},
{
"model": "communications vocera communications badge",
"scope": "eq",
"trust": 0.3,
"vendor": "vocera",
"version": "0"
},
{
"model": "wireless ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "79210"
}
],
"sources": [
{
"db": "BID",
"id": "27935"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-005533"
},
{
"db": "NVD",
"id": "CVE-2008-1113"
},
{
"db": "CNNVD",
"id": "CNNVD-200803-006"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:cisco:7921_wireless_ip_phone:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:vocera_communications:vocera_communications_badge:*:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2008-1113"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "George Ou disclosed this issue.",
"sources": [
{
"db": "BID",
"id": "27935"
},
{
"db": "CNNVD",
"id": "CNNVD-200803-006"
}
],
"trust": 0.9
},
"cve": "CVE-2008-1113",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.8,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2008-1113",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-31238",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2008-1113",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200803-006",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-31238",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-31238"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-005533"
},
{
"db": "NVD",
"id": "CVE-2008-1113"
},
{
"db": "CNNVD",
"id": "CNNVD-200803-006"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Unified Wireless IP Phone 7921, when using Protected Extensible Authentication Protocol (PEAP), does not validate server certificates, which allows remote wireless access points to steal hashed passwords and conduct man-in-the-middle (MITM) attacks. Multiple VoIP products are prone to a security-bypass vulnerability in their PEAP implementation because their software fails to properly validate server certificates. \nSuccessfully exploiting this issue allows attackers to perform man-in-the-middle attacks by impersonating trusted authentication servers. This will aid in further attacks. \nThe following products are prone to this issue:\n- Vocera Communications System badges\n- Cisco Wireless IP Phone 7921\nOther devices and packages may also be affected. ----------------------------------------------------------------------\n\nA new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI\nhas been released. The new version includes many new and advanced\nfeatures, which makes it even easier to stay patched. \n\nDownload and test it today:\nhttps://psi.secunia.com/\n\nRead more about this new version:\nhttps://psi.secunia.com/?page=changelog\n\n----------------------------------------------------------------------\n\nTITLE:\nCisco IP Phone 7921 Insecure PEAP Implementation\n\nSECUNIA ADVISORY ID:\nSA29082\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/29082/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nExposure of sensitive information\n\nWHERE:\n\u003eFrom local network\n\nOPERATING SYSTEM:\nCisco IP Phone 7921\nhttp://secunia.com/product/17833/\n\nDESCRIPTION:\nA security issue has been reported in Cisco IP Phone 7921, which\npotentially can be exploited by malicious people to disclose\nsensitive information. \n\nThe problem is that server certificates are not validated when using\nthe PEAP protocol. This can be exploited to e.g. gain knowledge of\nauthentication credentials when a user is tricked into connecting to\na malicious authentication server. \n\nSOLUTION:\nThe vendor is reportedly working on a update and recommends using\nEAP-TLS instead of PEAP. \n\nPROVIDED AND/OR DISCOVERED BY:\nUnknown researchers reported via ZDNet\u0027s Zero Day blog. \n\nOTHER REFERENCES:\nhttp://blogs.zdnet.com/security/?p=896\nhttp://blogs.zdnet.com/security/?p=901\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2008-1113"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-005533"
},
{
"db": "BID",
"id": "27935"
},
{
"db": "VULHUB",
"id": "VHN-31238"
},
{
"db": "PACKETSTORM",
"id": "64101"
}
],
"trust": 2.07
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2008-1113",
"trust": 2.8
},
{
"db": "BID",
"id": "27935",
"trust": 2.0
},
{
"db": "SECUNIA",
"id": "29082",
"trust": 1.8
},
{
"db": "SECTRACK",
"id": "1019494",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2008-005533",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200803-006",
"trust": 0.7
},
{
"db": "FULLDISC",
"id": "20080221 CISCO AND VOCERA WIRELESS LAN VOIP DEVICES DON\u0027T CHECK CERTIFICATES",
"trust": 0.6
},
{
"db": "FULLDISC",
"id": "20080223 CISCO CONFIRMS VULNERABILITY IN 7921 WI-FI IP PHONE",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-31238",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "64101",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-31238"
},
{
"db": "BID",
"id": "27935"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-005533"
},
{
"db": "PACKETSTORM",
"id": "64101"
},
{
"db": "NVD",
"id": "CVE-2008-1113"
},
{
"db": "CNNVD",
"id": "CNNVD-200803-006"
}
]
},
"id": "VAR-200803-0287",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-31238"
}
],
"trust": 0.47675563
},
"last_update_date": "2023-12-18T12:32:05.175000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.vocera.com/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-005533"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-31238"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-005533"
},
{
"db": "NVD",
"id": "CVE-2008-1113"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "http://blogs.zdnet.com/security/?p=896"
},
{
"trust": 2.1,
"url": "http://blogs.zdnet.com/security/?p=901"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/27935"
},
{
"trust": 1.7,
"url": "http://seclists.org/fulldisclosure/2008/feb/0402.html"
},
{
"trust": 1.7,
"url": "http://seclists.org/fulldisclosure/2008/feb/0449.html"
},
{
"trust": 1.7,
"url": "http://securitytracker.com/id?1019494"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/29082"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1113"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-1113"
},
{
"trust": 0.3,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-february/060406.html"
},
{
"trust": 0.3,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-february/060453.html"
},
{
"trust": 0.3,
"url": "http://vocera.com/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "https://psi.secunia.com/?page=changelog"
},
{
"trust": 0.1,
"url": "https://psi.secunia.com/"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/29082/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/17833/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-31238"
},
{
"db": "BID",
"id": "27935"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-005533"
},
{
"db": "PACKETSTORM",
"id": "64101"
},
{
"db": "NVD",
"id": "CVE-2008-1113"
},
{
"db": "CNNVD",
"id": "CNNVD-200803-006"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-31238"
},
{
"db": "BID",
"id": "27935"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-005533"
},
{
"db": "PACKETSTORM",
"id": "64101"
},
{
"db": "NVD",
"id": "CVE-2008-1113"
},
{
"db": "CNNVD",
"id": "CNNVD-200803-006"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-03-03T00:00:00",
"db": "VULHUB",
"id": "VHN-31238"
},
{
"date": "2008-02-21T00:00:00",
"db": "BID",
"id": "27935"
},
{
"date": "2012-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-005533"
},
{
"date": "2008-02-27T20:02:28",
"db": "PACKETSTORM",
"id": "64101"
},
{
"date": "2008-03-03T18:44:00",
"db": "NVD",
"id": "CVE-2008-1113"
},
{
"date": "2008-03-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200803-006"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-05T00:00:00",
"db": "VULHUB",
"id": "VHN-31238"
},
{
"date": "2016-07-06T14:17:00",
"db": "BID",
"id": "27935"
},
{
"date": "2012-12-20T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-005533"
},
{
"date": "2008-09-05T21:36:50.757000",
"db": "NVD",
"id": "CVE-2008-1113"
},
{
"date": "2008-09-05T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200803-006"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200803-006"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Unified Wireless IP Phone 7921 Hashed password stealing vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-005533"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200803-006"
}
],
"trust": 0.6
}
}
VAR-200803-0288
Vulnerability from variot - Updated: 2023-12-18 12:32Vocera Communications wireless handsets, when using Protected Extensible Authentication Protocol (PEAP), do not validate server certificates, which allows remote wireless access points to steal hashed passwords and conduct man-in-the-middle (MITM) attacks. Multiple VoIP products are prone to a security-bypass vulnerability in their PEAP implementation because their software fails to properly validate server certificates. Successfully exploiting this issue allows attackers to perform man-in-the-middle attacks by impersonating trusted authentication servers. This will aid in further attacks. The following products are prone to this issue: - Vocera Communications System badges - Cisco Wireless IP Phone 7921 Other devices and packages may also be affected
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200803-0288",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "wireless handset",
"scope": "eq",
"trust": 1.6,
"vendor": "vocera",
"version": null
},
{
"model": "wireless handset",
"scope": null,
"trust": 0.8,
"vendor": "vocera",
"version": null
},
{
"model": "communications vocera communications badge",
"scope": "eq",
"trust": 0.3,
"vendor": "vocera",
"version": "0"
},
{
"model": "wireless ip phone",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "79210"
}
],
"sources": [
{
"db": "BID",
"id": "27935"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-006645"
},
{
"db": "NVD",
"id": "CVE-2008-1114"
},
{
"db": "CNNVD",
"id": "CNNVD-200803-007"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:vocera:wireless_handset:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2008-1114"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "George Ou disclosed this issue.",
"sources": [
{
"db": "BID",
"id": "27935"
},
{
"db": "CNNVD",
"id": "CNNVD-200803-007"
}
],
"trust": 0.9
},
"cve": "CVE-2008-1114",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2008-1114",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-31239",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2008-1114",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-200803-007",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-31239",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-31239"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-006645"
},
{
"db": "NVD",
"id": "CVE-2008-1114"
},
{
"db": "CNNVD",
"id": "CNNVD-200803-007"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Vocera Communications wireless handsets, when using Protected Extensible Authentication Protocol (PEAP), do not validate server certificates, which allows remote wireless access points to steal hashed passwords and conduct man-in-the-middle (MITM) attacks. Multiple VoIP products are prone to a security-bypass vulnerability in their PEAP implementation because their software fails to properly validate server certificates. \nSuccessfully exploiting this issue allows attackers to perform man-in-the-middle attacks by impersonating trusted authentication servers. This will aid in further attacks. \nThe following products are prone to this issue:\n- Vocera Communications System badges\n- Cisco Wireless IP Phone 7921\nOther devices and packages may also be affected",
"sources": [
{
"db": "NVD",
"id": "CVE-2008-1114"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-006645"
},
{
"db": "BID",
"id": "27935"
},
{
"db": "VULHUB",
"id": "VHN-31239"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2008-1114",
"trust": 2.8
},
{
"db": "BID",
"id": "27935",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2008-006645",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200803-007",
"trust": 0.7
},
{
"db": "FULLDISC",
"id": "20080221 CISCO AND VOCERA WIRELESS LAN VOIP DEVICES DON\u0027T CHECK CERTIFICATES",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-31239",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-31239"
},
{
"db": "BID",
"id": "27935"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-006645"
},
{
"db": "NVD",
"id": "CVE-2008-1114"
},
{
"db": "CNNVD",
"id": "CNNVD-200803-007"
}
]
},
"id": "VAR-200803-0288",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-31239"
}
],
"trust": 0.47675563
},
"last_update_date": "2023-12-18T12:32:05.143000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.vocera.com/index.php"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-006645"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-31239"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-006645"
},
{
"db": "NVD",
"id": "CVE-2008-1114"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://blogs.zdnet.com/security/?p=896"
},
{
"trust": 2.0,
"url": "http://blogs.zdnet.com/security/?p=901"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/27935"
},
{
"trust": 1.7,
"url": "http://www.vocera.com/downloads/infrastructureguide.pdf"
},
{
"trust": 1.7,
"url": "http://seclists.org/fulldisclosure/2008/feb/0402.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-1114"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-1114"
},
{
"trust": 0.8,
"url": "http://www.zdnet.com/blog/security/design-flaw-in-wireless-voip-handsets-endanger-the-enterprise/896"
},
{
"trust": 0.3,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-february/060406.html"
},
{
"trust": 0.3,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-february/060453.html"
},
{
"trust": 0.3,
"url": "http://vocera.com/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-31239"
},
{
"db": "BID",
"id": "27935"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-006645"
},
{
"db": "NVD",
"id": "CVE-2008-1114"
},
{
"db": "CNNVD",
"id": "CNNVD-200803-007"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-31239"
},
{
"db": "BID",
"id": "27935"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-006645"
},
{
"db": "NVD",
"id": "CVE-2008-1114"
},
{
"db": "CNNVD",
"id": "CNNVD-200803-007"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-03-03T00:00:00",
"db": "VULHUB",
"id": "VHN-31239"
},
{
"date": "2008-02-21T00:00:00",
"db": "BID",
"id": "27935"
},
{
"date": "2013-06-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-006645"
},
{
"date": "2008-03-03T18:44:00",
"db": "NVD",
"id": "CVE-2008-1114"
},
{
"date": "2008-03-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200803-007"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-01-03T00:00:00",
"db": "VULHUB",
"id": "VHN-31239"
},
{
"date": "2016-07-06T14:17:00",
"db": "BID",
"id": "27935"
},
{
"date": "2013-06-21T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-006645"
},
{
"date": "2013-01-03T05:00:00",
"db": "NVD",
"id": "CVE-2008-1114"
},
{
"date": "2008-03-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200803-007"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200803-007"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Vocera Communications Wireless Handset Hashed password stealing vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-006645"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200803-007"
}
],
"trust": 0.6
}
}
CVE-2022-46902 (GCVE-0-2022-46902)
Vulnerability from cvelistv5 – Published: 2023-07-25 00:00 – Updated: 2024-10-30 14:06
VLAI
Summary
An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is a Path Traversal for an Unzip operation. The Vocera Report Console contains a websocket function that allows for the restoration of the database from a ZIP archive that expects a SQL import file. During the unzip operation, the code takes file paths from the ZIP archive and writes them to a Vocera temporary directory. Unfortunately, the code does not properly check if the file paths include directory traversal payloads that would escape the intended destination.
Severity
6.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T14:47:27.741Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.stryker.com/us/en/about/governance/cyber-security/product-security/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.stryker.com/us/en/about/governance/cyber-security/product-security/vocera-report-server-vulnerabilities--cve-2022-46898--cve-2022-4.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-46902",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-24T16:02:31.746930Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T14:06:44.154Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is a Path Traversal for an Unzip operation. The Vocera Report Console contains a websocket function that allows for the restoration of the database from a ZIP archive that expects a SQL import file. During the unzip operation, the code takes file paths from the ZIP archive and writes them to a Vocera temporary directory. Unfortunately, the code does not properly check if the file paths include directory traversal payloads that would escape the intended destination."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-25T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.stryker.com/us/en/about/governance/cyber-security/product-security/"
},
{
"url": "https://www.stryker.com/us/en/about/governance/cyber-security/product-security/vocera-report-server-vulnerabilities--cve-2022-46898--cve-2022-4.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-46902",
"datePublished": "2023-07-25T00:00:00.000Z",
"dateReserved": "2022-12-09T00:00:00.000Z",
"dateUpdated": "2024-10-30T14:06:44.154Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-46900 (GCVE-0-2022-46900)
Vulnerability from cvelistv5 – Published: 2023-07-25 00:00 – Updated: 2024-10-29 13:37
VLAI
Summary
An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is Path Traversal in the Task Exec filename. The Vocera Report Console contains various jobs that are executed on the server at specified intervals, e.g., backup, etc. An authenticated user has the ability to modify these entries and set the executable path and parameters.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T14:47:27.662Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.stryker.com/us/en/about/governance/cyber-security/product-security/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.stryker.com/us/en/about/governance/cyber-security/product-security/vocera-report-server-vulnerabilities--cve-2022-46898--cve-2022-4.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-46900",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T20:32:32.997080Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-29T13:37:44.930Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is Path Traversal in the Task Exec filename. The Vocera Report Console contains various jobs that are executed on the server at specified intervals, e.g., backup, etc. An authenticated user has the ability to modify these entries and set the executable path and parameters."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-08T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.stryker.com/us/en/about/governance/cyber-security/product-security/"
},
{
"url": "https://www.stryker.com/us/en/about/governance/cyber-security/product-security/vocera-report-server-vulnerabilities--cve-2022-46898--cve-2022-4.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-46900",
"datePublished": "2023-07-25T00:00:00.000Z",
"dateReserved": "2022-12-09T00:00:00.000Z",
"dateUpdated": "2024-10-29T13:37:44.930Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-46901 (GCVE-0-2022-46901)
Vulnerability from cvelistv5 – Published: 2023-07-25 00:00 – Updated: 2024-10-23 20:32
VLAI
Summary
An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is an Access Control Violation for Database Operations. The Vocera Report Console contains a websocket interface that allows for the unauthenticated execution of various tasks and database functions. This includes system tasks, and backing up, loading, and clearing of the database.
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T14:47:27.859Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.stryker.com/us/en/about/governance/cyber-security/product-security/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.stryker.com/us/en/about/governance/cyber-security/product-security/vocera-report-server-vulnerabilities--cve-2022-46898--cve-2022-4.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-46901",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T20:31:55.087290Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-23T20:32:02.135Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is an Access Control Violation for Database Operations. The Vocera Report Console contains a websocket interface that allows for the unauthenticated execution of various tasks and database functions. This includes system tasks, and backing up, loading, and clearing of the database."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-25T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.stryker.com/us/en/about/governance/cyber-security/product-security/"
},
{
"url": "https://www.stryker.com/us/en/about/governance/cyber-security/product-security/vocera-report-server-vulnerabilities--cve-2022-46898--cve-2022-4.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-46901",
"datePublished": "2023-07-25T00:00:00.000Z",
"dateReserved": "2022-12-09T00:00:00.000Z",
"dateUpdated": "2024-10-23T20:32:02.135Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-46899 (GCVE-0-2022-46899)
Vulnerability from cvelistv5 – Published: 2023-07-25 00:00 – Updated: 2024-10-23 20:33
VLAI
Summary
An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is Arbitrary File Upload. The BaseController class, that each of the service controllers derives from, allows for the upload of arbitrary files. If the HTTP request is a multipart/form-data POST request, any parameters with a filename entry will have their content written to a file in the Vocera upload-staging directory with the specified filename in the parameter.
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T14:47:27.718Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.stryker.com/us/en/about/governance/cyber-security/product-security/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.stryker.com/us/en/about/governance/cyber-security/product-security/vocera-report-server-vulnerabilities--cve-2022-46898--cve-2022-4.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-46899",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T20:33:02.577721Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-23T20:33:11.455Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is Arbitrary File Upload. The BaseController class, that each of the service controllers derives from, allows for the upload of arbitrary files. If the HTTP request is a multipart/form-data POST request, any parameters with a filename entry will have their content written to a file in the Vocera upload-staging directory with the specified filename in the parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-25T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.stryker.com/us/en/about/governance/cyber-security/product-security/"
},
{
"url": "https://www.stryker.com/us/en/about/governance/cyber-security/product-security/vocera-report-server-vulnerabilities--cve-2022-46898--cve-2022-4.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-46899",
"datePublished": "2023-07-25T00:00:00.000Z",
"dateReserved": "2022-12-09T00:00:00.000Z",
"dateUpdated": "2024-10-23T20:33:11.455Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-46898 (GCVE-0-2022-46898)
Vulnerability from cvelistv5 – Published: 2023-07-25 00:00 – Updated: 2024-10-23 20:33
VLAI
Summary
An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is Path Traversal via the "restore SQL data" filename. The Vocera Report Console contains a websocket function that allows for the restoration of the database from a ZIP archive that expects a SQL import file. The filename provided is not properly sanitized and allows for the inclusion of a path-traversal payload that can be used to escape the intended Vocera restoration directory. An attacker could exploit this vulnerability to point to a crafted ZIP archive that contains SQL commands that could be executed against the database.
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T14:47:27.653Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.stryker.com/us/en/about/governance/cyber-security/product-security/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.stryker.com/us/en/about/governance/cyber-security/product-security/vocera-report-server-vulnerabilities--cve-2022-46898--cve-2022-4.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-46898",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T20:33:35.314098Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-23T20:33:43.638Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is Path Traversal via the \"restore SQL data\" filename. The Vocera Report Console contains a websocket function that allows for the restoration of the database from a ZIP archive that expects a SQL import file. The filename provided is not properly sanitized and allows for the inclusion of a path-traversal payload that can be used to escape the intended Vocera restoration directory. An attacker could exploit this vulnerability to point to a crafted ZIP archive that contains SQL commands that could be executed against the database."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-25T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.stryker.com/us/en/about/governance/cyber-security/product-security/"
},
{
"url": "https://www.stryker.com/us/en/about/governance/cyber-security/product-security/vocera-report-server-vulnerabilities--cve-2022-46898--cve-2022-4.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-46898",
"datePublished": "2023-07-25T00:00:00.000Z",
"dateReserved": "2022-12-09T00:00:00.000Z",
"dateUpdated": "2024-10-23T20:33:43.638Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1114 (GCVE-0-2008-1114)
Vulnerability from cvelistv5 – Published: 2008-03-03 18:00 – Updated: 2024-09-17 04:08
VLAI
Summary
Vocera Communications wireless handsets, when using Protected Extensible Authentication Protocol (PEAP), do not validate server certificates, which allows remote wireless access points to steal hashed passwords and conduct man-in-the-middle (MITM) attacks.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://blogs.zdnet.com/security/?p=896 | x_refsource_MISC |
| http://www.vocera.com/downloads/InfrastructureGuide.pdf | x_refsource_CONFIRM |
| http://seclists.org/fulldisclosure/2008/Feb/0402.html | mailing-listx_refsource_FULLDISC |
| http://www.securityfocus.com/bid/27935 | vdb-entryx_refsource_BID |
| http://blogs.zdnet.com/security/?p=901 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:08:57.608Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blogs.zdnet.com/security/?p=896"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vocera.com/downloads/InfrastructureGuide.pdf"
},
{
"name": "20080221 Cisco and Vocera wireless LAN VoIP devices don\u0027t check certificates",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2008/Feb/0402.html"
},
{
"name": "27935",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27935"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blogs.zdnet.com/security/?p=901"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Vocera Communications wireless handsets, when using Protected Extensible Authentication Protocol (PEAP), do not validate server certificates, which allows remote wireless access points to steal hashed passwords and conduct man-in-the-middle (MITM) attacks."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-03-03T18:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blogs.zdnet.com/security/?p=896"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vocera.com/downloads/InfrastructureGuide.pdf"
},
{
"name": "20080221 Cisco and Vocera wireless LAN VoIP devices don\u0027t check certificates",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2008/Feb/0402.html"
},
{
"name": "27935",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27935"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blogs.zdnet.com/security/?p=901"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1114",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vocera Communications wireless handsets, when using Protected Extensible Authentication Protocol (PEAP), do not validate server certificates, which allows remote wireless access points to steal hashed passwords and conduct man-in-the-middle (MITM) attacks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://blogs.zdnet.com/security/?p=896",
"refsource": "MISC",
"url": "http://blogs.zdnet.com/security/?p=896"
},
{
"name": "http://www.vocera.com/downloads/InfrastructureGuide.pdf",
"refsource": "CONFIRM",
"url": "http://www.vocera.com/downloads/InfrastructureGuide.pdf"
},
{
"name": "20080221 Cisco and Vocera wireless LAN VoIP devices don\u0027t check certificates",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2008/Feb/0402.html"
},
{
"name": "27935",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27935"
},
{
"name": "http://blogs.zdnet.com/security/?p=901",
"refsource": "MISC",
"url": "http://blogs.zdnet.com/security/?p=901"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1114",
"datePublished": "2008-03-03T18:00:00.000Z",
"dateReserved": "2008-03-03T00:00:00.000Z",
"dateUpdated": "2024-09-17T04:08:42.687Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-46902 (GCVE-0-2022-46902)
Vulnerability from nvd – Published: 2023-07-25 00:00 – Updated: 2024-10-30 14:06
VLAI
Summary
An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is a Path Traversal for an Unzip operation. The Vocera Report Console contains a websocket function that allows for the restoration of the database from a ZIP archive that expects a SQL import file. During the unzip operation, the code takes file paths from the ZIP archive and writes them to a Vocera temporary directory. Unfortunately, the code does not properly check if the file paths include directory traversal payloads that would escape the intended destination.
Severity
6.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T14:47:27.741Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.stryker.com/us/en/about/governance/cyber-security/product-security/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.stryker.com/us/en/about/governance/cyber-security/product-security/vocera-report-server-vulnerabilities--cve-2022-46898--cve-2022-4.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-46902",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-24T16:02:31.746930Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-30T14:06:44.154Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is a Path Traversal for an Unzip operation. The Vocera Report Console contains a websocket function that allows for the restoration of the database from a ZIP archive that expects a SQL import file. During the unzip operation, the code takes file paths from the ZIP archive and writes them to a Vocera temporary directory. Unfortunately, the code does not properly check if the file paths include directory traversal payloads that would escape the intended destination."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-25T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.stryker.com/us/en/about/governance/cyber-security/product-security/"
},
{
"url": "https://www.stryker.com/us/en/about/governance/cyber-security/product-security/vocera-report-server-vulnerabilities--cve-2022-46898--cve-2022-4.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-46902",
"datePublished": "2023-07-25T00:00:00.000Z",
"dateReserved": "2022-12-09T00:00:00.000Z",
"dateUpdated": "2024-10-30T14:06:44.154Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-46900 (GCVE-0-2022-46900)
Vulnerability from nvd – Published: 2023-07-25 00:00 – Updated: 2024-10-29 13:37
VLAI
Summary
An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is Path Traversal in the Task Exec filename. The Vocera Report Console contains various jobs that are executed on the server at specified intervals, e.g., backup, etc. An authenticated user has the ability to modify these entries and set the executable path and parameters.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T14:47:27.662Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.stryker.com/us/en/about/governance/cyber-security/product-security/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.stryker.com/us/en/about/governance/cyber-security/product-security/vocera-report-server-vulnerabilities--cve-2022-46898--cve-2022-4.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-46900",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T20:32:32.997080Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-29T13:37:44.930Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is Path Traversal in the Task Exec filename. The Vocera Report Console contains various jobs that are executed on the server at specified intervals, e.g., backup, etc. An authenticated user has the ability to modify these entries and set the executable path and parameters."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-08T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.stryker.com/us/en/about/governance/cyber-security/product-security/"
},
{
"url": "https://www.stryker.com/us/en/about/governance/cyber-security/product-security/vocera-report-server-vulnerabilities--cve-2022-46898--cve-2022-4.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-46900",
"datePublished": "2023-07-25T00:00:00.000Z",
"dateReserved": "2022-12-09T00:00:00.000Z",
"dateUpdated": "2024-10-29T13:37:44.930Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-46901 (GCVE-0-2022-46901)
Vulnerability from nvd – Published: 2023-07-25 00:00 – Updated: 2024-10-23 20:32
VLAI
Summary
An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is an Access Control Violation for Database Operations. The Vocera Report Console contains a websocket interface that allows for the unauthenticated execution of various tasks and database functions. This includes system tasks, and backing up, loading, and clearing of the database.
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T14:47:27.859Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.stryker.com/us/en/about/governance/cyber-security/product-security/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.stryker.com/us/en/about/governance/cyber-security/product-security/vocera-report-server-vulnerabilities--cve-2022-46898--cve-2022-4.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-46901",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T20:31:55.087290Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-23T20:32:02.135Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is an Access Control Violation for Database Operations. The Vocera Report Console contains a websocket interface that allows for the unauthenticated execution of various tasks and database functions. This includes system tasks, and backing up, loading, and clearing of the database."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-25T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.stryker.com/us/en/about/governance/cyber-security/product-security/"
},
{
"url": "https://www.stryker.com/us/en/about/governance/cyber-security/product-security/vocera-report-server-vulnerabilities--cve-2022-46898--cve-2022-4.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-46901",
"datePublished": "2023-07-25T00:00:00.000Z",
"dateReserved": "2022-12-09T00:00:00.000Z",
"dateUpdated": "2024-10-23T20:32:02.135Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-46899 (GCVE-0-2022-46899)
Vulnerability from nvd – Published: 2023-07-25 00:00 – Updated: 2024-10-23 20:33
VLAI
Summary
An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is Arbitrary File Upload. The BaseController class, that each of the service controllers derives from, allows for the upload of arbitrary files. If the HTTP request is a multipart/form-data POST request, any parameters with a filename entry will have their content written to a file in the Vocera upload-staging directory with the specified filename in the parameter.
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T14:47:27.718Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.stryker.com/us/en/about/governance/cyber-security/product-security/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.stryker.com/us/en/about/governance/cyber-security/product-security/vocera-report-server-vulnerabilities--cve-2022-46898--cve-2022-4.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-46899",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T20:33:02.577721Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-23T20:33:11.455Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is Arbitrary File Upload. The BaseController class, that each of the service controllers derives from, allows for the upload of arbitrary files. If the HTTP request is a multipart/form-data POST request, any parameters with a filename entry will have their content written to a file in the Vocera upload-staging directory with the specified filename in the parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-25T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.stryker.com/us/en/about/governance/cyber-security/product-security/"
},
{
"url": "https://www.stryker.com/us/en/about/governance/cyber-security/product-security/vocera-report-server-vulnerabilities--cve-2022-46898--cve-2022-4.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-46899",
"datePublished": "2023-07-25T00:00:00.000Z",
"dateReserved": "2022-12-09T00:00:00.000Z",
"dateUpdated": "2024-10-23T20:33:11.455Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-46898 (GCVE-0-2022-46898)
Vulnerability from nvd – Published: 2023-07-25 00:00 – Updated: 2024-10-23 20:33
VLAI
Summary
An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is Path Traversal via the "restore SQL data" filename. The Vocera Report Console contains a websocket function that allows for the restoration of the database from a ZIP archive that expects a SQL import file. The filename provided is not properly sanitized and allows for the inclusion of a path-traversal payload that can be used to escape the intended Vocera restoration directory. An attacker could exploit this vulnerability to point to a crafted ZIP archive that contains SQL commands that could be executed against the database.
Severity
No CVSS data available.
SSVC
Exploitation: none
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T14:47:27.653Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.stryker.com/us/en/about/governance/cyber-security/product-security/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.stryker.com/us/en/about/governance/cyber-security/product-security/vocera-report-server-vulnerabilities--cve-2022-46898--cve-2022-4.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-46898",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-23T20:33:35.314098Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-23T20:33:43.638Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is Path Traversal via the \"restore SQL data\" filename. The Vocera Report Console contains a websocket function that allows for the restoration of the database from a ZIP archive that expects a SQL import file. The filename provided is not properly sanitized and allows for the inclusion of a path-traversal payload that can be used to escape the intended Vocera restoration directory. An attacker could exploit this vulnerability to point to a crafted ZIP archive that contains SQL commands that could be executed against the database."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-25T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://www.stryker.com/us/en/about/governance/cyber-security/product-security/"
},
{
"url": "https://www.stryker.com/us/en/about/governance/cyber-security/product-security/vocera-report-server-vulnerabilities--cve-2022-46898--cve-2022-4.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-46898",
"datePublished": "2023-07-25T00:00:00.000Z",
"dateReserved": "2022-12-09T00:00:00.000Z",
"dateUpdated": "2024-10-23T20:33:43.638Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1114 (GCVE-0-2008-1114)
Vulnerability from nvd – Published: 2008-03-03 18:00 – Updated: 2024-09-17 04:08
VLAI
Summary
Vocera Communications wireless handsets, when using Protected Extensible Authentication Protocol (PEAP), do not validate server certificates, which allows remote wireless access points to steal hashed passwords and conduct man-in-the-middle (MITM) attacks.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| http://blogs.zdnet.com/security/?p=896 | x_refsource_MISC |
| http://www.vocera.com/downloads/InfrastructureGuide.pdf | x_refsource_CONFIRM |
| http://seclists.org/fulldisclosure/2008/Feb/0402.html | mailing-listx_refsource_FULLDISC |
| http://www.securityfocus.com/bid/27935 | vdb-entryx_refsource_BID |
| http://blogs.zdnet.com/security/?p=901 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:08:57.608Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blogs.zdnet.com/security/?p=896"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vocera.com/downloads/InfrastructureGuide.pdf"
},
{
"name": "20080221 Cisco and Vocera wireless LAN VoIP devices don\u0027t check certificates",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2008/Feb/0402.html"
},
{
"name": "27935",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27935"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://blogs.zdnet.com/security/?p=901"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Vocera Communications wireless handsets, when using Protected Extensible Authentication Protocol (PEAP), do not validate server certificates, which allows remote wireless access points to steal hashed passwords and conduct man-in-the-middle (MITM) attacks."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2008-03-03T18:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blogs.zdnet.com/security/?p=896"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vocera.com/downloads/InfrastructureGuide.pdf"
},
{
"name": "20080221 Cisco and Vocera wireless LAN VoIP devices don\u0027t check certificates",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2008/Feb/0402.html"
},
{
"name": "27935",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27935"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://blogs.zdnet.com/security/?p=901"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1114",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vocera Communications wireless handsets, when using Protected Extensible Authentication Protocol (PEAP), do not validate server certificates, which allows remote wireless access points to steal hashed passwords and conduct man-in-the-middle (MITM) attacks."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://blogs.zdnet.com/security/?p=896",
"refsource": "MISC",
"url": "http://blogs.zdnet.com/security/?p=896"
},
{
"name": "http://www.vocera.com/downloads/InfrastructureGuide.pdf",
"refsource": "CONFIRM",
"url": "http://www.vocera.com/downloads/InfrastructureGuide.pdf"
},
{
"name": "20080221 Cisco and Vocera wireless LAN VoIP devices don\u0027t check certificates",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2008/Feb/0402.html"
},
{
"name": "27935",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27935"
},
{
"name": "http://blogs.zdnet.com/security/?p=901",
"refsource": "MISC",
"url": "http://blogs.zdnet.com/security/?p=901"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1114",
"datePublished": "2008-03-03T18:00:00.000Z",
"dateReserved": "2008-03-03T00:00:00.000Z",
"dateUpdated": "2024-09-17T04:08:42.687Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}