EPSS
Percentile
79.1%
asterisk:stretch is vulnerable to access restriction bypass. A SIP request can be sent to Asterisk that can change a SIP peer’s IP address. A REGISTER does not need to occur, and calls can be hijacked as a result.
downloads.asterisk.org/pub/security/AST-2019-006.html
lists.debian.org/debian-lts-announce/2019/11/msg00038.html
lists.debian.org/debian-lts-announce/2022/04/msg00001.html
security-tracker.debian.org/tracker/CVE-2019-18790
www.asterisk.org/downloads/security-advisories