Digium Luki w zabezpieczeniach

Oś czasu

Rodzaj

Communications System	146
Not Defined	4

Produkt

Digium Asterisk	144
Digium s800i	2
Digium Certified Asterisk	1
Digium Asterisk Open Source	1
Digium Asterisk GUI	1

Przeciwdziałanie

Official Fix	139
Temporary Fix	0
Workaround	0
Unavailable	0
Not Defined	11

Wykorzystywanie

High	2
Functional	0
Proof-of-Concept	49
Unproven	22
Not Defined	77

Wektor dostępu

Not Defined	0
Physical	0
Local	3
Adjacent	2
Network	145

Uwierzytelnianie

Not Defined	0
High	1
Low	38
None	111

Interakcja z użytkownikiem

Not Defined	0
Required	1
None	149

C3BM Index

CVSSv3 Base

≤1	0
≤2	0
≤3	0
≤4	1
≤5	16
≤6	59
≤7	27
≤8	38
≤9	6
≤10	3

CVSSv3 Temp

≤1	0
≤2	0
≤3	0
≤4	7
≤5	38
≤6	43
≤7	39
≤8	15
≤9	8
≤10	0

VulDB

≤1	0
≤2	0
≤3	1
≤4	3
≤5	16
≤6	65
≤7	20
≤8	37
≤9	5
≤10	3

NVD

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	6
≤7	3
≤8	11
≤9	3
≤10	1

CNA

≤1	0
≤2	0
≤3	0
≤4	0
≤5	1
≤6	0
≤7	0
≤8	2
≤9	0
≤10	0

Sprzedawca

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Exploit 0-day

<1k	45
<2k	34
<5k	60
<10k	2
<25k	5
<50k	4
<100k	0
≥100k	0

Wykorzystaj dzisiaj

<1k	150
<2k	0
<5k	0
<10k	0
<25k	0
<50k	0
<100k	0
≥100k	0

Wykorzystaj wielkość rynku

🔴 CTI Zajęcia

Affected Products (7): Addons Module (1), Asterisk (144), Asterisk GUI (1), Asterisk Open Source (1), Certified Asterisk (1), Zaptel (1), s800i (2)

Link to Vendor Website: https://www.digium.com/

Opublikowano	Base	Temp	Słaby punkt	Prod	Wyk	Prz	EPSS	CTI	CVE
2023-12-15	3.8	3.7	Digium Asterisk directory traversal	Communications System	Not Defined	Official Fix	0.00104	0.00	CVE-2023-49294
2023-12-15	5.6	5.5	Digium Asterisk DTLS denial of service	Communications System	Not Defined	Official Fix	0.00513	0.00	CVE-2023-49786
2023-12-15	6.4	6.3	Digium Asterisk memory corruption	Communications System	Not Defined	Official Fix	0.00121	0.04	CVE-2023-37457
2022-04-15	5.5	5.3	Digium Asterisk STIR privilege escalation	Communications System	Not Defined	Official Fix	0.00687	0.02	CVE-2022-26499
2022-04-15	6.3	6.0	Digium Asterisk/Certified Asterisk func_odbc sql injection	Communications System	Not Defined	Official Fix	0.00740	0.00	CVE-2022-26651
2022-04-15	4.3	4.1	Digium Asterisk STIR denial of service	Communications System	Not Defined	Official Fix	0.02940	0.00	CVE-2022-26498
2021-02-21	4.3	4.3	Digium Asterisk WebRTC Client res_rtp_asterisk.c memory corruption	Communications System	Not Defined	Official Fix	0.00263	0.00	CVE-2021-26714
2021-02-19	5.1	5.1	Digium Asterisk SDP Negotiation res_pjsip_session.c denial of service	Communications System	Not Defined	Official Fix	0.00193	0.00	CVE-2021-26906
2019-07-12	4.2	4.2	Digium Asterisk Open Source SDP chan_sip denial of service	Communications System	Not Defined	Not Defined	0.00473	0.00	CVE-2019-13161
2019-07-12	6.4	6.4	Digium Asterisk res_pjsip_messaging memory corruption	Communications System	Not Defined	Not Defined	0.04717	0.00	CVE-2019-12827
2018-11-14	7.4	7.2	Digium Asterisk DNS SRV/NAPTR Lookup memory corruption	Communications System	Not Defined	Official Fix	0.00449	0.00	CVE-2018-19278
2017-12-22	6.4	6.1	Digium Asterisk PJSIP Channel Driver Contact Header privilege escalation	Communications System	Not Defined	Official Fix	0.92868	0.03	CVE-2017-17850
2017-12-13	4.8	4.7	Digium Asterisk RTCP Stack memory corruption	Communications System	Not Defined	Official Fix	0.92854	0.00	CVE-2017-17664
2017-12-02	6.4	6.3	Digium Asterisk chan_skinny Channel Driver chan_skinny.c denial of service	Communications System	High	Official Fix	0.69318	0.02	CVE-2017-17090
2017-11-09	5.6	5.4	Digium Asterisk pjsip Session Object memory corruption	Communications System	Not Defined	Official Fix	0.02090	0.00	CVE-2017-16672
2017-11-09	7.5	7.2	Digium Asterisk CDR Handller memory corruption	Communications System	Not Defined	Official Fix	0.01754	0.00	CVE-2017-16671
2017-10-10	7.4	7.2	Digium Asterisk RTCP Packet information disclosure	Communications System	Not Defined	Official Fix	0.00192	0.00	CVE-2017-14603
2017-09-26	7.5	7.5	Digium Asterisk GUI privilege escalation	Communications System	Not Defined	Not Defined	0.00117	0.00	CVE-2017-14001
2017-09-02	8.5	8.2	Digium Asterisk privilege escalation	Communications System	Not Defined	Official Fix	0.96119	0.00	CVE-2017-14100
2017-09-02	6.4	6.1	Digium Asterisk res_rtp_asterisk.c information disclosure	Communications System	Not Defined	Official Fix	0.02056	0.00	CVE-2017-14099
2017-09-02	6.4	6.1	Digium Asterisk PJSIP Channel Driver privilege escalation	Communications System	Not Defined	Official Fix	0.92718	0.00	CVE-2017-14098
2017-08-02	5.2	5.1	Digium Addons Module add-license-form.php cross site scripting	Nieznany	Not Defined	Official Fix	0.00164	0.02	CVE-2015-2690
2017-06-02	7.4	7.1	Digium Asterisk PJSIP memory corruption	Communications System	Not Defined	Official Fix	0.01208	0.02	CVE-2017-9372
2017-06-02	6.4	6.1	Digium Asterisk PJSIP information disclosure	Communications System	Not Defined	Official Fix	0.00660	0.00	CVE-2017-9359
2017-06-02	6.4	6.1	Digium Asterisk SCCP Packet denial of service	Communications System	Not Defined	Official Fix	0.00694	0.07	CVE-2017-9358

125 więcej wpisów nie jest pokazywanych

🔒 Login Required

You need to signup and login to see more of the remaining 125 results.

◂ PoprzedniPrzeglądKolejny ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!