CVE-2014-6609

2014-11-2615:00:00

mitre

www.cve.org

6.2 Medium

AI Score

Confidence

High

0.015 Low

EPSS

Percentile

86.9%

JSON

The res_pjsip_pubsub module in Asterisk Open Source 12.x before 12.5.1 allows remote authenticated users to cause a denial of service (crash) via crafted headers in a SIP SUBSCRIBE request for an event package.

References

downloads.asterisk.org/pub/security/AST-2014-009.html