Lucene search
K

9 matches found

OSV
OSV
added 2024/10/21 1:15 a.m.9 views

UBUNTU-CVE-2024-49215

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-49294. Reason: This candidate is a reservation duplicate of CVE-2023-49294. Notes: All CVE users should reference CVE-2023-49294 instead of this candidate. All references and descriptions in this candidate have been removed t...

7.8CVSS5.8AI score
Exploits3References4
0day.today
0day.today
added 2024/03/29 12:0 a.m.496 views

Asterisk AMI - Partial File Content & Path Disclosure (Authenticated) Exploit

Exploit Title: Asterisk AMI - Partial File Content & Path Disclosure Authenticated Date: 2023-03-26 Exploit Author: Sean Pesce Vendor Homepage: https://asterisk.org/ Software Link: https://downloads.asterisk.org/pub/telephony/asterisk/old-releases/ Version: 18.20.0 Tested on: Debian Linux CVE:...

7.5CVSS7.4AI score0.4557EPSS
Exploits3
Packet Storm
Packet Storm
added 2024/03/28 12:0 a.m.479 views

Asterisk AMI 18.20.0 File Content / Path Disclosure

Exploit Title: Asterisk AMI - Partial File Content & Path Disclosure Authenticated Date: 2023-03-26 Exploit Author: Sean Pesce Vendor Homepage: https://asterisk.org/ Software Link: https://downloads.asterisk.org/pub/telephony/asterisk/old-releases/ Version: 18.20.0 Tested on: Debian Linux CVE:...

7.5CVSS7.4AI score0.4557EPSS
Exploits3
Exploit DB
Exploit DB
added 2024/03/28 12:0 a.m.555 views

Asterisk AMI - Partial File Content & Path Disclosure (Authenticated)

Exploit Title: Asterisk AMI - Partial File Content & Path Disclosure Authenticated Date: 2023-03-26 Exploit Author: Sean Pesce Vendor Homepage: https://asterisk.org/ Software Link: https://downloads.asterisk.org/pub/telephony/asterisk/old-releases/ Version: 18.20.0 Tested on: Debian Linux CVE:...

7.5CVSS7.7AI score0.4557EPSS
Exploits3
OpenVAS
OpenVAS
added 2023/12/15 12:0 a.m.26 views

Asterisk Multiple Vulnerabilities (Dec 2023)

Asterisk is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:digium:asterisk"; if description...

8.2CVSS6.4AI score0.4557EPSS
Exploits5References5
NVD
NVD
added 2023/12/14 8:15 p.m.23 views

CVE-2023-49294

Asterisk is an open source private branch exchange and telephony toolkit. In Asterisk prior to versions 18.20.1, 20.5.1, and 21.0.1, as well as certified-asterisk prior to 18.9-cert6, it is possible to read any arbitrary file even when the livedangerously is not enabled. This allows arbitrary fil...

7.5CVSS0.4557EPSS
Exploits3References4
Cvelist
Cvelist
added 2023/12/14 7:40 p.m.43 views

CVE-2023-49294 Asterisk Path Traversal vulnerability

Asterisk is an open source private branch exchange and telephony toolkit. In Asterisk prior to versions 18.20.1, 20.5.1, and 21.0.1, as well as certified-asterisk prior to 18.9-cert6, it is possible to read any arbitrary file even when the livedangerously is not enabled. This allows arbitrary fil...

4.9CVSS7.6AI score0.4557EPSS
Exploits3References4
CVE
CVE
added 2023/12/14 7:40 p.m.120 views

CVE-2023-49294

CVE-2023-49294 affects Asterisk: read arbitrary files when live_dangerously is not enabled. Affected versions are pre-18.20.1, pre-20.5.1, pre-21.0.1, and certified-asterisk before 18.9-cert6. The issue has a fix in 18.20.1, 20.5.1, 21.0.1, and certified-asterisk from 18.9-cert6 onward. Public ma...

7.5CVSS6AI score0.4557EPSS
Exploits3References4Affected Software2
UbuntuCve
UbuntuCve
added 2023/12/14 12:0 a.m.31 views

CVE-2023-49294

Asterisk is an open source private branch exchange and telephony toolkit. In Asterisk prior to versions 18.20.1, 20.5.1, and 21.0.1, as well as certified-asterisk prior to 18.9-cert6, it is possible to read any arbitrary file even when the livedangerously is not enabled. This allows arbitrary fil...

7.5CVSS7AI score0.4557EPSS
Exploits3References1
Rows per page
Query Builder