Digium Vulnerabilities

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

Communications System144
Not Defined4

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Digium Asterisk140
Digium Asterisk Open Source2
Digium Zaptel2
Digium Asterisk GUI2
Digium s800i2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Remediation

Official Fix136
Temporary Fix0
Workaround0
Unavailable0
Not Defined12

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Exploitability

High2
Functional0
Proof-of-Concept52
Unproven22
Not Defined72

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Access Vector

Not Defined0
Physical0
Local4
Adjacent2
Network142

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Authentication

Not Defined0
High0
Low38
None110

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

User Interaction

Not Defined0
Required0
None148

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

C3BM Index

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

CVSSv3 Base

≤10
≤20
≤30
≤40
≤512
≤662
≤718
≤842
≤912
≤102

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

CVSSv3 Temp

≤10
≤20
≤30
≤44
≤542
≤636
≤736
≤818
≤912
≤100

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

VulDB

≤10
≤20
≤30
≤44
≤58
≤666
≤720
≤838
≤910
≤102

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

NVD

≤10
≤20
≤30
≤40
≤50
≤66
≤70
≤86
≤96
≤102

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

CNA

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Exploit 0-day

<1k50
<2k20
<5k68
<10k2
<25k4
<50k4
<100k0
≥100k0

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Exploit Today

<1k148
<2k0
<5k0
<10k0
<25k0
<50k0
<100k0
≥100k0

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Exploit Market Volume

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

🔴 CTI Activities

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Affected Products (7): Addons Module (1), Asterisk (141), Asterisk GUI (1), Asterisk Open Source (1), Certified Asterisk (1), Zaptel (1), s800i (2)

Link to Vendor Website: https://www.digium.com/

PublishedBaseTempVulnerabilityProdExpRemCTIEPSSCVE
04/15/20225.55.3Digium Asterisk STIR server-side request forgeryCommunications SystemNot DefinedOfficial Fix0.030.00555CVE-2022-26499
04/15/20226.36.0Digium Asterisk/Certified Asterisk func_odbc sql injectionCommunications SystemNot DefinedOfficial Fix0.030.00473CVE-2022-26651
04/15/20224.34.1Digium Asterisk STIR resource consumptionCommunications SystemNot DefinedOfficial Fix0.040.01775CVE-2022-26498
02/21/20214.34.3Digium Asterisk WebRTC Client res_rtp_asterisk.c stack-based overflowCommunications SystemNot DefinedOfficial Fix0.000.00238CVE-2021-26714
02/19/20215.15.1Digium Asterisk SDP Negotiation res_pjsip_session.c denial of serviceCommunications SystemNot DefinedOfficial Fix0.040.00159CVE-2021-26906
07/12/20194.24.2Digium Asterisk Open Source SDP chan_sip null pointer dereferenceCommunications SystemNot DefinedNot Defined0.020.00473CVE-2019-13161
07/12/20196.46.4Digium Asterisk res_pjsip_messaging memory corruptionCommunications SystemNot DefinedNot Defined0.020.04717CVE-2019-12827
11/14/20187.47.2Digium Asterisk DNS SRV/NAPTR Lookup memory corruptionCommunications SystemNot DefinedOfficial Fix0.030.00453CVE-2018-19278
12/22/20176.46.1Digium Asterisk PJSIP Channel Driver Contact Header input validationCommunications SystemNot DefinedOfficial Fix0.000.93850CVE-2017-17850
12/13/20174.84.7Digium Asterisk RTCP Stack memory corruptionCommunications SystemNot DefinedOfficial Fix0.030.93840CVE-2017-17664
12/02/20176.46.3Digium Asterisk chan_skinny Channel Driver chan_skinny.c resource managementCommunications SystemHighOfficial Fix0.000.69318CVE-2017-17090
11/09/20175.65.4Digium Asterisk pjsip Session Object memory corruptionCommunications SystemNot DefinedOfficial Fix0.010.02090CVE-2017-16672
11/09/20177.57.2Digium Asterisk CDR Handller memory corruptionCommunications SystemNot DefinedOfficial Fix0.020.01754CVE-2017-16671
10/10/20177.47.2Digium Asterisk RTCP Packet information disclosureCommunications SystemNot DefinedOfficial Fix0.000.00192CVE-2017-14603
09/26/20177.57.5Digium Asterisk GUI os command injectionCommunications SystemNot DefinedNot Defined0.040.00156CVE-2017-14001
09/02/20178.58.2Digium Asterisk command injectionCommunications SystemNot DefinedOfficial Fix0.000.96408CVE-2017-14100
09/02/20176.46.1Digium Asterisk res_rtp_asterisk.c information disclosureCommunications SystemNot DefinedOfficial Fix0.030.02365CVE-2017-14099
09/02/20176.46.1Digium Asterisk PJSIP Channel Driver input validationCommunications SystemNot DefinedOfficial Fix0.030.92718CVE-2017-14098
08/02/20175.25.1Digium Addons Module add-license-form.php cross site scriptingUnknownNot DefinedOfficial Fix0.030.00164CVE-2015-2690
06/02/20177.47.1Digium Asterisk PJSIP memory corruptionCommunications SystemNot DefinedOfficial Fix0.030.01208CVE-2017-9372
06/02/20176.46.1Digium Asterisk PJSIP out-of-boundsCommunications SystemNot DefinedOfficial Fix0.010.00660CVE-2017-9359
06/02/20176.46.1Digium Asterisk SCCP Packet infinite loopCommunications SystemNot DefinedOfficial Fix0.030.00694CVE-2017-9358
04/17/20176.46.1Digium Asterisk chain_sip resource managementCommunications SystemNot DefinedOfficial Fix0.000.04034CVE-2016-7551
04/10/20177.57.2Digium Asterisk CDR Dialplan Function memory corruptionCommunications SystemNot DefinedOfficial Fix0.030.01725CVE-2017-7617
12/08/20166.36.2Digium Asterisk Invite Request improper authorizationCommunications SystemNot DefinedOfficial Fix0.070.00196CVE-2016-9938

122 more entries are not shown

🔒 Login Required

You need to signup and login to see more of the remaining 122 results.

PreviousOverviewNext

Do you need the next level of professionalism?

Upgrade your account now!