Lucene search
MitreCVE-2014-4045HistoryJun 17, 2014 - 2:55 p.m.
CVE-2014-4045
2014-06-1714:55:07
CWE-189
mitre
web.nvd.nist.gov
33
nvd
cve-2014-4045
asterisk
open source
denial of service
pjsip
channel driver
vulnerability
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
AI Score
6.7
Confidence
Low
EPSS
0.008
Percentile
81.7%
The Publish/Subscribe Framework in the PJSIP channel driver in Asterisk Open Source 12.x before 12.3.1, when sub_min_expiry is set to zero, allows remote attackers to cause a denial of service (assertion failure and crash) via an unsubscribe request when not subscribed to the device.
Affected configurations
Node
digiumasteriskMatch12.0.0
ORdigiumasteriskMatch12.1.0-
ORdigiumasteriskMatch12.1.0rc1
ORdigiumasteriskMatch12.1.0rc2
ORdigiumasteriskMatch12.1.0rc3
ORdigiumasteriskMatch12.1.1
ORdigiumasteriskMatch12.2.0
ORdigiumasteriskMatch12.2.0rc1
ORdigiumasteriskMatch12.2.0rc2
ORdigiumasteriskMatch12.2.0rc3
ORdigiumasteriskMatch12.3.0
ORdigiumasteriskMatch12.3.0rc1
ORdigiumasteriskMatch12.3.0rc2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| digium | asterisk | 12.0.0 | cpe:2.3:a:digium:asterisk:12.0.0:*:*:*:*:*:*:* |
| digium | asterisk | 12.1.0 | cpe:2.3:a:digium:asterisk:12.1.0:-:*:*:*:*:*:* |
| digium | asterisk | 12.1.0 | cpe:2.3:a:digium:asterisk:12.1.0:rc1:*:*:*:*:*:* |
| digium | asterisk | 12.1.0 | cpe:2.3:a:digium:asterisk:12.1.0:rc2:*:*:*:*:*:* |
| digium | asterisk | 12.1.0 | cpe:2.3:a:digium:asterisk:12.1.0:rc3:*:*:*:*:*:* |
| digium | asterisk | 12.1.1 | cpe:2.3:a:digium:asterisk:12.1.1:*:*:*:*:*:*:* |
| digium | asterisk | 12.2.0 | cpe:2.3:a:digium:asterisk:12.2.0:*:*:*:*:*:*:* |
| digium | asterisk | 12.2.0 | cpe:2.3:a:digium:asterisk:12.2.0:rc1:*:*:*:*:*:* |
| digium | asterisk | 12.2.0 | cpe:2.3:a:digium:asterisk:12.2.0:rc2:*:*:*:*:*:* |
| digium | asterisk | 12.2.0 | cpe:2.3:a:digium:asterisk:12.2.0:rc3:*:*:*:*:*:* |
Related
debiancve
debiancve
CVE-2014-4045
2014-06-17 14:55:07
ubuntucve
ubuntucve
CVE-2014-4045
2014-06-17 00:00:00
nvd
nvd
CVE-2014-4045
2014-06-17 14:55:07
cvelist
cvelist
CVE-2014-4045
2014-06-17 14:00:00
prion
prion
Design/Logic Flaw
2014-06-17 14:55:00
securityvulns
securityvulns
AST-2014-005: Remote Crash in PJSIP Channel Driver's Publish/Subscribe Framework
2014-06-13 00:00:00
Asterisk multiple security vulnerabilities
2014-06-13 00:00:00
nessus
nessus
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
AI Score
6.7
Confidence
Low
EPSS
0.008
Percentile
81.7%
Related for CVE-2014-4045