Lucene search
MitreCVELIST:CVE-2018-12227HistoryJun 12, 2018 - 4:00 a.m.
CVE-2018-12227
2018-06-1204:00:00
mitre
www.cve.org
1
An issue was discovered in Asterisk Open Source 13.x before 13.21.1, 14.x before 14.7.7, and 15.x before 15.4.1 and Certified Asterisk 13.18-cert before 13.18-cert4 and 13.21-cert before 13.21-cert2. When endpoint specific ACL rules block a SIP request, they respond with a 403 forbidden. However, if an endpoint is not identified, then a 401 unauthorized response is sent. This vulnerability just discloses which requests hit a defined endpoint. The ACL rules cannot be bypassed to gain access to the disclosed endpoints.
Related
openvas
openvas
Asterisk Information Disclosure Vulnerability (AST-2018-008)
2018-06-13 00:00:00
Debian: Security Advisory (DSA-4320-1)
2018-10-15 00:00:00
debiancve
debiancve
CVE-2018-12227
2018-06-12 04:29:00
prion
prion
Design/Logic Flaw
2018-06-12 04:29:00
nvd
nvd
CVE-2018-12227
2018-06-12 04:29:00
cve
cve
CVE-2018-12227
2018-06-12 04:29:00
osv
osv
CVE-2018-12227
2018-06-12 04:29:00
asterisk - security update
2018-10-16 00:00:00
checkpoint_advisories
checkpoint_advisories
Asterisk PJSIP Information Disclosure (CVE-2018-12227)
2019-10-24 00:00:00
nessus
nessus
ubuntucve
ubuntucve
CVE-2018-12227
2018-06-12 00:00:00
debian
debian
[SECURITY] [DSA 4320-1] asterisk security update
2018-10-16 21:54:17
gentoo
gentoo
Asterisk: Multiple vulnerabilities
2018-11-24 00:00:00