Lucene search
HistoryJun 17, 2014 - 2:55 p.m.
CVE-2014-4048
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
6.5 Medium
AI Score
Confidence
High
0.008 Low
EPSS
Percentile
81.2%
The PJSIP Channel Driver in Asterisk Open Source before 12.3.1 allows remote attackers to cause a denial of service (deadlock) by terminating a subscription request before it is complete, which triggers a SIP transaction timeout.
Affected configurations
Node
digiumasteriskRange≤12.3.0
ORdigiumasteriskMatch12.0.0
ORdigiumasteriskMatch12.1.0-
ORdigiumasteriskMatch12.1.0rc1
ORdigiumasteriskMatch12.1.0rc2
ORdigiumasteriskMatch12.1.0rc3
ORdigiumasteriskMatch12.1.1
ORdigiumasteriskMatch12.2.0
ORdigiumasteriskMatch12.2.0rc1
ORdigiumasteriskMatch12.2.0rc2
ORdigiumasteriskMatch12.2.0rc3
ORdigiumasteriskMatch12.3.0rc1
ORdigiumasteriskMatch12.3.0rc2
Related
securityvulns
securityvulns
AST-2014-008: Denial of Service in PJSIP Channel Driver Subscriptions
2014-06-13 00:00:00
Asterisk multiple security vulnerabilities
2014-06-13 00:00:00
cvelist
cvelist
CVE-2014-4048
2014-06-17 14:00:00
ubuntucve
ubuntucve
CVE-2014-4048
2014-06-17 00:00:00
prion
prion
Cross site request forgery (csrf)
2014-06-17 14:55:00
cve
cve
CVE-2014-4048
2014-06-17 14:55:08
debiancve
debiancve
CVE-2014-4048
2014-06-17 14:55:08
nessus
nessus
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
6.5 Medium
AI Score
Confidence
High
0.008 Low
EPSS
Percentile
81.2%
Related for NVD:CVE-2014-4048