CVE-2012-4737 in Asteriskinfo

Summary

channels/chan_iax2.c in Asterisk Open Source 1.8.x before 1.8.15.1 and 10.x before 10.7.1, Certified Asterisk 1.8.11 before 1.8.11-cert7, Asterisk Digiumphones 10.x.x-digiumphones before 10.7.1-digiumphones, and Asterisk Business Edition C.3.x before C.3.7.6 does not enforce ACL rules during certain uses of peer credentials, which allows remote authenticated users to bypass intended outbound-call restrictions by leveraging the availability of these credentials.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservation

08/30/2012

Disclosure

08/31/2012

Moderation

VulDB entry created

Entries

VDB-6080 (1)

CPE

ready

CWE

CWE-264 (Confirmed)

CVSS

4.6

EPSS

0.01504

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2012-4737
NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-4737
CVE Details	https://www.cvedetails.com/cve/CVE-2012-4737/

◂ Previous Overview Next ▸

Might our Artificial Intelligence support you?

Check our Alexa App!