1. CVE-Search
  2. CVE-2022-37325
ID CVE-2022-37325
Summary In Sangoma Asterisk through 16.28.0, 17.x and 18.x through 18.14.0, and 19.x through 19.6.0, an incoming Setup message to addons/ooh323c/src/ooq931.c with a malformed Calling or Called Party IE can cause a crash.
References
Vulnerable Configurations
  • cpe:2.3:a:sangoma:asterisk:*:*:*:*:*:*:*:*
    cpe:2.3:a:sangoma:asterisk:*:*:*:*:*:*:*:*
  • cpe:2.3:a:sangoma:asterisk:18.0.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:sangoma:asterisk:18.0.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:sangoma:asterisk:18.1.0:-:*:*:*:*:*:*
    cpe:2.3:a:sangoma:asterisk:18.1.0:-:*:*:*:*:*:*
  • cpe:2.3:a:sangoma:asterisk:18.1.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:sangoma:asterisk:18.1.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:sangoma:asterisk:18.2.0:-:*:*:*:*:*:*
    cpe:2.3:a:sangoma:asterisk:18.2.0:-:*:*:*:*:*:*
  • cpe:2.3:a:sangoma:asterisk:18.2.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:sangoma:asterisk:18.2.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:sangoma:asterisk:18.2.1:-:*:*:*:*:*:*
    cpe:2.3:a:sangoma:asterisk:18.2.1:-:*:*:*:*:*:*
  • cpe:2.3:a:sangoma:asterisk:16.5.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:sangoma:asterisk:16.5.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:sangoma:asterisk:16.6.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:sangoma:asterisk:16.6.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:sangoma:asterisk:16.7.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:sangoma:asterisk:16.7.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:sangoma:asterisk:16.8.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:sangoma:asterisk:16.8.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:sangoma:asterisk:16.9.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:sangoma:asterisk:16.9.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:sangoma:asterisk:16.10.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:sangoma:asterisk:16.10.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:sangoma:asterisk:16.11.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:sangoma:asterisk:16.11.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:sangoma:asterisk:16.12.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:sangoma:asterisk:16.12.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:sangoma:asterisk:16.14.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:sangoma:asterisk:16.14.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:sangoma:asterisk:16.15.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:sangoma:asterisk:16.15.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:sangoma:asterisk:16.16.0:-:*:*:*:*:*:*
    cpe:2.3:a:sangoma:asterisk:16.16.0:-:*:*:*:*:*:*
  • cpe:2.3:a:sangoma:asterisk:16.16.0:rc1:*:*:*:*:*:*
    cpe:2.3:a:sangoma:asterisk:16.16.0:rc1:*:*:*:*:*:*
  • cpe:2.3:a:sangoma:asterisk:16.16.1:-:*:*:*:*:*:*
    cpe:2.3:a:sangoma:asterisk:16.16.1:-:*:*:*:*:*:*
  • cpe:2.3:a:sangoma:asterisk:20.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:sangoma:asterisk:20.0.0:*:*:*:*:*:*:*
CVSS
Base: None
Impact:
Exploitability:
CWE CWE-787
CAPEC
Access
VectorComplexityAuthentication
Impact
ConfidentialityIntegrityAvailability
Last major update 24-02-2023 - 00:15
Published 05-12-2022 - 21:15
Last modified 24-02-2023 - 00:15
Back to Top