Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/08/31 6:15 a.m.5 views

CVE-2025-57767

Asterisk is an open source private branch exchange and telephony toolkit. Prior to versions 20.15.2, 21.10.2, and 22.5.2, if a SIP request is received with an Authorization header that contains a realm that wasn't in a previous 401 response's WWW-Authenticate header, or an Authorization header wi...

7.5CVSS6.4AI score0.00381EPSS
Exploits0References2
OSV
OSV
added 2025/08/28 4:15 p.m.3 views

UBUNTU-CVE-2025-57767

Asterisk is an open source private branch exchange and telephony toolkit. Prior to versions 20.15.2, 21.10.2, and 22.5.2, if a SIP request is received with an Authorization header that contains a realm that wasn't in a previous 401 response's WWW-Authenticate header, or an Authorization header wi...

7.5CVSS5.7AI score0.00381EPSS
Exploits0References5
OSV
OSV
added 2025/08/28 3:33 p.m.9 views

CVE-2025-57767 Asterisk can crash from a specifically malformed Authorization header in an incoming SIP request

Asterisk is an open source private branch exchange and telephony toolkit. Prior to versions 20.15.2, 21.10.2, and 22.5.2, if a SIP request is received with an Authorization header that contains a realm that wasn't in a previous 401 response's WWW-Authenticate header, or an Authorization header wi...

7.5CVSS6.4AI score0.00381EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/08/28 3:33 p.m.1 views

CVE-2025-57767 Asterisk can crash from a specifically malformed Authorization header in an incoming SIP request

Asterisk is an open source private branch exchange and telephony toolkit. Prior to versions 20.15.2, 21.10.2, and 22.5.2, if a SIP request is received with an Authorization header that contains a realm that wasn't in a previous 401 response's WWW-Authenticate header, or an Authorization header wi...

7.5CVSS6.2AI score0.00381EPSS
Exploits0References3
CVE
CVE
added 2025/08/28 3:33 p.m.25 views

CVE-2025-57767

Asterisk contains a vulnerability in res_pjsip_authenticator_digest: if a SIP request carries an Authorization header with a realm mismatch relative to a previous 401, or an incorrect realm without a prior 401, get_authorization_header() can return NULL, and subsequent use to obtain the digest al...

7.5CVSS6.2AI score0.00381EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder