Lucene search

PRIOn knowledge basePRION:CVE-2019-15639

HistorySep 09, 2019 - 1:15 p.m.

Code injection

2019-09-0913:15:00

PRIOn knowledge base

www.prio-n.com

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.004 Low

EPSS

Percentile

74.2%

JSON

main/translate.c in Sangoma Asterisk 13.28.0 and 16.5.0 allows a remote attacker to send a specific RTP packet during a call and cause a crash in a specific scenario.

CPENameOperatorVersion
asteriskge13.0.0
asteriskle13.28.0
asteriskge16.0.0
asteriskle16.5.0

Name	Operator	Version
asterisk	ge	13.0.0
asterisk	le	13.28.0
asterisk	ge	16.0.0
asterisk	le	16.5.0

References

downloads.asterisk.org/pub/security/AST-2019-005.html

packetstormsecurity.com/files/154372/Asterisk-Project-Security-Advisory-AST-2019-005.html

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.004 Low

EPSS

Percentile

74.2%

JSON

Related for PRION:CVE-2019-15639