Asterisk Open Source vulnerabilities
22 known vulnerabilities affecting asterisk/open_source.
Total CVEs
22
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH6MEDIUM15
Vulnerabilities
Page 2 of 2
CVE-2008-0095MEDIUMCVSS 5.0PoC≤ 1.4.162008-01-08
CVE-2008-0095 [MEDIUM] CWE-399 CVE-2008-0095: The SIP channel driver in Asterisk Open Source 1.4.x before 1.4.17, Business Edition before C.1.0-be
The SIP channel driver in Asterisk Open Source 1.4.x before 1.4.17, Business Edition before C.1.0-beta8, AsteriskNOW before beta7, Appliance Developer Kit before Asterisk 1.4 revision 95946, and Appliance s800i 1.0.x before 1.0.3.4 allows remote attackers to cause a denial of service (daemon crash) via a BYE message with an Also (Also transfer) header
nvd
CVE-2007-6430MEDIUMCVSS 4.3v1.2.0beta1v1.2.0beta2+35 more2007-12-20
CVE-2007-6430 [MEDIUM] CWE-287 CVE-2007-6430: Asterisk Open Source 1.2.x before 1.2.26 and 1.4.x before 1.4.16, and Business Edition B.x.x before
Asterisk Open Source 1.2.x before 1.2.26 and 1.4.x before 1.4.16, and Business Edition B.x.x before B.2.3.6 and C.x.x before C.1.0-beta8, when using database-based registrations ("realtime") and host-based authentication, does not check the IP address when the username is correct and there is no password, which allows remote attackers to bypass authent
nvd
← Previous2 / 2