6.7 Medium
AI Score
Confidence
Low
3.5 Low
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:N/I:N/A:P
0.96 High
EPSS
Percentile
99.4%
The Skinny channel driver (chan_skinny) in Asterisk Open Source before 1.4.10, AsteriskNOW before beta7, Appliance Developer Kit before 0.7.0, and Appliance s800i before 1.0.3 allows remote authenticated users to cause a denial of service (application crash) via a CAPABILITIES_RES_MESSAGE packet with a capabilities count larger than the capabilities_res_message array population.
CPE | Name | Operator | Version |
---|---|---|---|
asterisk | le | 1.4.9 | |
asterisk_appliance_developer_kit | le | 0.6.0 | |
asterisknow | eq | <= beta-6 | |
s800i | le | 1.0.2 |