Sangoma Asterisk/Certified Asterisk manager.c action_getconfig/action_getconfigJson path traversal 🚫 [False Positive]

Noticeinfo

⚠️ This issue seems to be a false positive. Please check the referenced sources and consider omitting this entry entirely.

Productinfo

Type

• Communications System

Vendor

• Sangoma

Name

• Asterisk
• Certified Asterisk

Timelineinfo

10/14/2024 🔍
10/21/2024 +7 days 🔍
10/21/2024 +0 days 🔍
12/10/2024 +50 days 🔍

Sourcesinfo

Advisory: github.com
False Positive: Yes

CVE: CVE-2024-49215 (🔍)
GCVE (CVE): GCVE-0-2024-49215
GCVE (VulDB): GCVE-100-281025

Entryinfo

Created: 10/21/2024 09:10
Updated: 12/10/2024 06:43
Changes: 10/21/2024 09:10 (54), 10/21/2024 14:25 (1), 10/23/2024 01:50 (11), 10/24/2024 16:27 (11), 12/10/2024 06:43 (3)
Complete: 🔍
Cache ID: 216::103

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Discussion

Want to know what is going to be exploited?

We predict KEV entries!