Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2018-7286
HistoryFeb 22, 2018 - 12:29 a.m.

CVE-2018-7286

2018-02-2200:29:00
NVD-CWE-noinfo
[email protected]
web.nvd.nist.gov
60
cve-2018-7286
asterisk
remote crash
res_pjsip
segmentation fault
nvd
sip
invite
tcp
tls

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

6.2 Medium

AI Score

Confidence

High

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

0.198 Low

EPSS

Percentile

96.3%

JSON

An issue was discovered in Asterisk through 13.19.1, 14.x through 14.7.5, and 15.x through 15.2.1, and Certified Asterisk through 13.18-cert2. res_pjsip allows remote authenticated users to crash Asterisk (segmentation fault) by sending a number of SIP INVITE messages on a TCP or TLS connection and then suddenly closing the connection.

Related

ubuntucve 1
zdt 1
prion 1
debiancve 1
exploitpack 1
checkpoint_advisories 1
packetstorm 1
osv 2
exploitdb 1
freebsd 1
openvas 2
nessus 4
debian 1
ubuntucve
ubuntucve
CVE-2018-7286
2018-02-22 00:00:00
zdt
zdt
Asterisk 15.2.0 chan_pjsip INVITE Denial Of Service Exploit
2018-02-27 00:00:00
prion
prion
Design/Logic Flaw
2018-02-22 00:29:00
debiancve
debiancve
CVE-2018-7286
2018-02-22 00:29:00
exploitpack
exploitpack
Asterisk chan_pjsip 15.2.0 - INVITE Denial of Service
2018-02-27 00:00:00
checkpoint_advisories
checkpoint_advisories
Digium Asterisk Denial of Service (CVE-2018-7286)
2019-01-17 00:00:00
packetstorm
packetstorm
Asterisk 15.2.0 chan_pjsip INVITE Denial Of Service
2018-02-26 00:00:00
osv
osv
CVE-2018-7286
2018-02-22 00:29:01
asterisk - security update
2018-10-16 00:00:00
exploitdb
exploitdb
Asterisk chan_pjsip 15.2.0 - 'INVITE' Denial of Service
2018-02-27 00:00:00
freebsd
freebsd
asterisk -- multiple vulnerabilities
2018-02-21 00:00:00
openvas
openvas
Asterisk Multiple Vulnerabilities
2018-02-22 00:00:00
Debian Security Advisory DSA 4320-1 (asterisk - security update)
2018-10-16 00:00:00
nessus
nessus
Asterisk 13.x < 13.19.2 / 14.x < 14.7.6 / 13.13 < 13.18-cert3 Multiple DoS Vulnerabilities (AST-2018-002, AST-2018-003, AST-2018-004, & AST-2018-005)
2018-03-02 00:00:00
FreeBSD : asterisk -- multiple vulnerabilities (933654ce-17b8-11e8-90b8-001999f8d30b)
2018-02-23 00:00:00
Asterisk 15.x < 15.2.2 Multiple Vulnerabilities (AST-2018-001 - AST-2018-006)
2018-03-02 00:00:00
debian
debian
[SECURITY] [DSA 4320-1] asterisk security update
2018-10-16 21:54:17

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

6.2 Medium

AI Score

Confidence

High

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

0.198 Low

EPSS

Percentile

96.3%

JSON
Related for CVE-2018-7286
ubuntucve1zdt1prion1debiancve1exploitpack1checkpoint_advisories1packetstorm1osv2exploitdb1freebsd1openvas2nessus4debian1