Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 2:9 a.m.22 views

CVE-2023-51443

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.10.11, when handling DTLS-SRTP for media setup, FreeSWITCH is susceptible to Denial of Service...

7.5CVSS6.8AI score0.01485EPSS
Exploits4References1
0day.today
0day.today
added 2023/12/29 12:0 a.m.512 views

FreeSWITCH 1.10.10 Denial Of Service Vulnerability

When handling DTLS-SRTP for media setup, FreeSWITCH version 1.10.10 is susceptible to denial of service due to a race condition in the hello handshake phase of the DTLS protocol. This attack can be done continuously, thus denying new DTLS-SRTP encrypted calls during the attack. FreeSWITCH...

7.5CVSS5.6AI score0.01485EPSS
Exploits4
OpenVAS
OpenVAS
added 2023/12/29 12:0 a.m.37 views

FreeSWITCH < 1.10.11 DoS Vulnerability

FreeSWITCH is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.5CVSS5.8AI score0.01485EPSS
Exploits4References1
CVE
CVE
added 2023/12/27 4:30 p.m.62 views

CVE-2023-51443

CVE-2023-51443 affects FreeSWITCH versions before 1.10.11. A race condition in the DTLS-SRTP handshake (DTLS ClientHello with invalid CipherSuite) can trigger a DTLS error, tearing down media and cascading to SIP signaling, causing DoS for new DTLS-SRTP calls. The documented fix is upgrading to F...

7.5CVSS6.5AI score0.01485EPSS
Exploits4References5Affected Software1
Rows per page
Query Builder