CVE-2014-8413 in Digium Asterisk
Resumen (Inglés)
The res_pjsip_acl module in Asterisk Open Source 12.x before 12.7.1 and 13.x before 13.0.1 does properly create and load ACLs defined in pjsip.conf at startup, which allows remote attackers to bypass intended PJSIP ACL rules.
Reservar
2014-10-22
Divulgación
2014-11-24
Voces
VulDB provides additional information and datapoints for this CVE:
| ID | Vulnerabilidad | CWE | Exp | Con | CVE |
|---|---|---|---|---|---|
| 68258 | Digium Asterisk PJSIP ACL res_pjsip_acl escalada de privilegios | 264 | No probado | Arreglo oficial | CVE-2014-8413 |