Lucene search

K
cvelistMitreCVELIST:CVE-2022-26499
HistoryApr 15, 2022 - 12:00 a.m.

CVE-2022-26499

2022-04-1500:00:00
mitre
www.cve.org

9.2 High

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.2%

An SSRF issue was discovered in Asterisk through 19.x. When using STIR/SHAKEN, it’s possible to send arbitrary requests (such as GET) to interfaces such as localhost by using the Identity header. This is fixed in 16.25.2, 18.11.2, and 19.3.2.

9.2 High

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.2%