Lucene search

GitHub_MCVE-2021-37706

HistoryDec 22, 2021 - 6:15 p.m.

CVE-2021-37706

2021-12-2218:15:07

CWE-191

GitHub_M

web.nvd.nist.gov

pjsip

multimedia communication

library

remote code execution

stun

cve-2021-37706

security vulnerability

upgrade advisory

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.4

Confidence

High

EPSS

0.022

Percentile

89.6%

JSON

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In affected versions if the incoming STUN message contains an ERROR-CODE attribute, the header length is not checked before performing a subtraction operation, potentially resulting in an integer underflow scenario. This issue affects all users that use STUN. A malicious actor located within the victim’s network may forge and send a specially crafted UDP (STUN) message that could remotely execute arbitrary code on the victim’s machine. Users are advised to upgrade as soon as possible. There are no known workarounds.

Affected configurations

Nvd

Vulners

Node

teluupjsipRange≤2.11.1

Node

asteriskcertified_asteriskRange<16.8.0

asteriskcertified_asteriskMatch16.8.0

asteriskcertified_asteriskMatch16.8.0cert1

asteriskcertified_asteriskMatch16.8.0cert10

asteriskcertified_asteriskMatch16.8.0cert11

asteriskcertified_asteriskMatch16.8.0cert12

asteriskcertified_asteriskMatch16.8.0cert2

asteriskcertified_asteriskMatch16.8.0cert3

asteriskcertified_asteriskMatch16.8.0cert4

asteriskcertified_asteriskMatch16.8.0cert5

asteriskcertified_asteriskMatch16.8.0cert6

asteriskcertified_asteriskMatch16.8.0cert7

asteriskcertified_asteriskMatch16.8.0cert8

asteriskcertified_asteriskMatch16.8.0cert9

sangomaasteriskRange16.0.0–16.24.1

sangomaasteriskRange18.0.0–18.10.1

sangomaasteriskRange19.0.0–19.2.1

Node

debiandebian_linuxMatch9.0

debiandebian_linuxMatch10.0

VendorProductVersionCPE
pjsippjsip*cpe:2.3:a:pjsip:pjsip:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
pjsip	pjsip	*	cpe:2.3:a:pjsip:pjsip::::::::

CNA Affected

[
  {
    "vendor": "pjsip",
    "product": "pjproject",
    "versions": [
      {
        "version": "<= 2.11.1",
        "status": "affected"
      }
    ]
  }
]