cbcvebase.
CVE-2019-18790
published 2019-11-22

CVE-2019-18790: An issue was discovered in channels/chan_sip.c in Sangoma Asterisk 13.x before 13.29.2, 16.x before 16.6.2, and 17.x before 17.0.1, and Certified Asterisk…

PriorityP337medium6.5CVSS 3.1
AVNACLPRNUINSUCLILAN
EPSS
2.05%
78.8th percentile
An issue was discovered in channels/chan_sip.c in Sangoma Asterisk 13.x before 13.29.2, 16.x before 16.6.2, and 17.x before 17.0.1, and Certified Asterisk 13.21 before cert5. A SIP request can be sent to Asterisk that can change a SIP peer's IP address. A REGISTER does not need to occur, and calls can be hijacked as a result. The only thing that needs to be known is the peer's name; authentication details such as passwords do not need to be known. This vulnerability is only exploitable when the nat option is set to the default, or auto_force_rport.

Affected

8 ranges
VendorProductVersion rangeFixed in
debianasterisk< asterisk 1:16.10.0~dfsg-1 (bullseye)asterisk 1:16.10.0~dfsg-1 (bullseye)
debiandebian_linux
debiandebian_linux
digiumasterisk>= 0 < 1:16.10.0~dfsg-11:16.10.0~dfsg-1
digiumasterisk>= 13.0.0 < 13.29.213.29.2
digiumasterisk>= 16.0.0 < 16.6.216.6.2
digiumasterisk>= 17.0.0 < 17.0.117.0.1
digiumcertified_asterisk

CVSS provenance

nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
nvdv2.05.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:N
osv6.5MEDIUM
vendor_debian6.5MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.