Lucene search

K
cvelistRedhatCVELIST:CVE-2011-4597
HistoryDec 15, 2011 - 2:00 a.m.

CVE-2011-4597

2011-12-1502:00:00
redhat
www.cve.org

6.3 Medium

AI Score

Confidence

Low

0.012 Low

EPSS

Percentile

84.9%

The SIP over UDP implementation in Asterisk Open Source 1.4.x before 1.4.43, 1.6.x before 1.6.2.21, and 1.8.x before 1.8.7.2 uses different port numbers for responses to invalid requests depending on whether a SIP username exists, which allows remote attackers to enumerate usernames via a series of requests.

6.3 Medium

AI Score

Confidence

Low

0.012 Low

EPSS

Percentile

84.9%