Описание
ConfBridge in Asterisk 11.x before 11.14.1, 12.x before 12.7.1, and 13.x before 13.0.1 and Certified Asterisk 11.6 before 11.6-cert8 allows remote authenticated users to (1) gain privileges via vectors related to an external protocol to the CONFBRIDGE dialplan function or (2) execute arbitrary system commands via a crafted ConfbridgeStartRecord AMI action.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | 1:13.1.0~dfsg-1ubuntu1 |
| bionic | not-affected | 1:13.1.0~dfsg-1ubuntu1 |
| cosmic | not-affected | 1:13.1.0~dfsg-1ubuntu1 |
| devel | not-affected | 1:13.1.0~dfsg-1ubuntu1 |
| disco | not-affected | 1:13.1.0~dfsg-1ubuntu1 |
| esm-apps/bionic | not-affected | 1:13.1.0~dfsg-1ubuntu1 |
| esm-apps/xenial | not-affected | 1:13.1.0~dfsg-1ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was needed] |
| lucid | ignored | end of life |
| precise | ignored | end of life |
Показывать по
6.5 Medium
CVSS2
Связанные уязвимости
ConfBridge in Asterisk 11.x before 11.14.1, 12.x before 12.7.1, and 13.x before 13.0.1 and Certified Asterisk 11.6 before 11.6-cert8 allows remote authenticated users to (1) gain privileges via vectors related to an external protocol to the CONFBRIDGE dialplan function or (2) execute arbitrary system commands via a crafted ConfbridgeStartRecord AMI action.
ConfBridge in Asterisk 11.x before 11.14.1, 12.x before 12.7.1, and 13 ...
ConfBridge in Asterisk 11.x before 11.14.1, 12.x before 12.7.1, and 13.x before 13.0.1 and Certified Asterisk 11.6 before 11.6-cert8 allows remote authenticated users to (1) gain privileges via vectors related to an external protocol to the CONFBRIDGE dialplan function or (2) execute arbitrary system commands via a crafted ConfbridgeStartRecord AMI action.
6.5 Medium
CVSS2