CVE-2022-26499Server-Side Request Forgery in Asterisk

CWE-918Server-Side Request Forgery6 documents5 sources
Severity
9.1CRITICALNVD
EPSS
0.5%
top 34.52%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Digium AsteriskDebian AsteriskDebian Linux
Timeline
PublishedApr 15
Latest updateApr 18

Description

An SSRF issue was discovered in Asterisk through 19.x. When using STIR/SHAKEN, it's possible to send arbitrary requests (such as GET) to interfaces such as localhost by using the Identity header. This is fixed in 16.25.2, 18.11.2, and 19.3.2.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:NExploitability: 3.9 | Impact: 5.2

Affected Packages3 packages

NVDdigium/asterisk18.018.11.2+2
debiandebian/asterisk< asterisk 1:16.28.0~dfsg-0+deb11u1 (bullseye)
Debiandigium/asterisk< 1:16.28.0~dfsg-0+deb11u1

Also affects: Debian Linux 10.0, 11.0

Patches

Patch: packetstormsecurity.comPatch: downloads.asterisk.orgPatch: packetstormsecurity.com

🔴Vulnerability Details

2
GHSA
GHSA-fwqw-pr3c-3j3r: An SSRF issue was discovered in Asterisk through 192022-04-16
OSV
CVE-2022-26499: An SSRF issue was discovered in Asterisk through 192022-04-15

📋Vendor Advisories

1
Debian
CVE-2022-26499: asterisk - An SSRF issue was discovered in Asterisk through 19.x. When using STIR/SHAKEN, i...2022

💬Community

2
Bugzilla
CVE-2022-26498 CVE-2022-26499 CVE-2022-26651 asterisk: multiple vulnerabilities [epel-all]2022-04-18
Bugzilla
CVE-2022-26498 CVE-2022-26499 CVE-2022-26651 asterisk: multiple vulnerabilities [fedora-all]2022-04-18
CVE-2022-26499 — Server-Side Request Forgery | cvebase