Lucene search

K
cvelistMitreCVELIST:CVE-2018-17281
HistorySep 24, 2018 - 10:00 p.m.

CVE-2018-17281

2018-09-2422:00:00
mitre
www.cve.org

7.4 High

AI Score

Confidence

High

0.659 Medium

EPSS

Percentile

97.9%

There is a stack consumption vulnerability in the res_http_websocket.so module of Asterisk through 13.23.0, 14.7.x through 14.7.7, and 15.x through 15.6.0 and Certified Asterisk through 13.21-cert2. It allows an attacker to crash Asterisk via a specially crafted HTTP request to upgrade the connection to a websocket.

7.4 High

AI Score

Confidence

High

0.659 Medium

EPSS

Percentile

97.9%