CVE-2012-2186 in Asteriskinfo

Zusammenfassung

von MITRE

Incomplete blacklist vulnerability in main/manager.c in Asterisk Open Source 1.8.x before 1.8.15.1 and 10.x before 10.7.1, Certified Asterisk 1.8.11 before 1.8.11-cert6, Asterisk Digiumphones 10.x.x-digiumphones before 10.7.1-digiumphones, and Asterisk Business Edition C.3.x before C.3.7.6 allows remote authenticated users to execute arbitrary commands by leveraging originate privileges and providing an ExternalIVR value in an AMI Originate action.

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservieren

04.04.2012

Veröffentlichung

31.08.2012

Moderieren

akzeptiert

Eintrag

VDB-6081

CPE

bereit

CWE

CWE-269 (bestätigt)

CVSS

9.0 (NVD)

EPSS

0.03558

KEV

nein

Aktivitäten

very low

Sektor

Agriculture, Government, ...

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2012-2186
NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-2186
CVE Details	https://www.cvedetails.com/cve/CVE-2012-2186/

◂ Zurück Übersicht Weiter ▸

Do you need the next level of professionalism?

Upgrade your account now!