Asterisk@12.1.1 Security Vulnerabilities and Issues — Asterisk@12.1.1 CVE List

Lucene search

DigiumAsterisk12.1.1

4 matches found

CVE•added 2014/06/17 2:55 p.m.•84 views

CVE-2014-4047

Asterisk Open Source 1.8.x before 1.8.28.1, 11.x before 11.10.1, and 12.x before 12.3.1 and Certified Asterisk 1.8.15 before 1.8.15-cert6 and 11.6 before 11.6-cert3 allows remote attackers to cause a denial of service (connection consumption) via a large number of (1) inactive or (2) incomplete HTT...

5CVSS6.5AI score0.11713EPSS

CVE•added 2014/06/17 2:55 p.m.•63 views

CVE-2014-4046

Asterisk Open Source 11.x before 11.10.1 and 12.x before 12.3.1 and Certified Asterisk 11.6 before 11.6-cert3 allows remote authenticated Manager users to execute arbitrary shell commands via a MixMonitor action.

6.5CVSS7.1AI score0.03222EPSS

CVE•added 2014/06/17 2:55 p.m.•55 views

CVE-2014-4048

The PJSIP Channel Driver in Asterisk Open Source before 12.3.1 allows remote attackers to cause a denial of service (deadlock) by terminating a subscription request before it is complete, which triggers a SIP transaction timeout.

4.3CVSS6.6AI score0.0667EPSS

CVE•added 2014/06/17 2:55 p.m.•47 views

CVE-2014-4045

The Publish/Subscribe Framework in the PJSIP channel driver in Asterisk Open Source 12.x before 12.3.1, when sub_min_expiry is set to zero, allows remote attackers to cause a denial of service (assertion failure and crash) via an unsubscribe request when not subscribed to the device.

4.3CVSS6.7AI score0.0711EPSS