Описание
The DB dialplan function in Asterisk Open Source 1.8.x before 1.8.32, 11.x before 11.1.4.1, 12.x before 12.7.1, and 13.x before 13.0.1 and Certified Asterisk 1.8 before 1.8.28-cert8 and 11.6 before 11.6-cert8 allows remote authenticated users to gain privileges via a call from an external protocol, as demonstrated by the AMI protocol.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | 1:13.1.0~dfsg-1ubuntu1 |
| bionic | not-affected | 1:13.1.0~dfsg-1ubuntu1 |
| cosmic | not-affected | 1:13.1.0~dfsg-1ubuntu1 |
| devel | not-affected | 1:13.1.0~dfsg-1ubuntu1 |
| disco | not-affected | 1:13.1.0~dfsg-1ubuntu1 |
| esm-apps/bionic | not-affected | 1:13.1.0~dfsg-1ubuntu1 |
| esm-apps/xenial | not-affected | 1:13.1.0~dfsg-1ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was needed] |
| lucid | ignored | end of life |
| precise | ignored | end of life |
Показывать по
EPSS
9 Critical
CVSS2
Связанные уязвимости
The DB dialplan function in Asterisk Open Source 1.8.x before 1.8.32, 11.x before 11.1.4.1, 12.x before 12.7.1, and 13.x before 13.0.1 and Certified Asterisk 1.8 before 1.8.28-cert8 and 11.6 before 11.6-cert8 allows remote authenticated users to gain privileges via a call from an external protocol, as demonstrated by the AMI protocol.
The DB dialplan function in Asterisk Open Source 1.8.x before 1.8.32, ...
The DB dialplan function in Asterisk Open Source 1.8.x before 1.8.32, 11.x before 11.1.4.1, 12.x before 12.7.1, and 13.x before 13.0.1 and Certified Asterisk 1.8 before 1.8.28-cert8 and 11.6 before 11.6-cert8 allows remote authenticated users to gain privileges via a call from an external protocol, as demonstrated by the AMI protocol.
EPSS
9 Critical
CVSS2