6.2 Medium
AI Score
Confidence
High
0.015 Low
EPSS
Percentile
86.9%
The res_pjsip_pubsub module in Asterisk Open Source 12.x before 12.5.1 allows remote authenticated users to cause a denial of service (crash) via crafted headers in a SIP SUBSCRIBE request for an event package.
downloads.asterisk.org/pub/security/AST-2014-009.html