cve-2012-2186
Vulnerability from cvelistv5
Published
2012-08-31 14:00
Modified
2024-08-06 19:26
Severity ?
Summary
Incomplete blacklist vulnerability in main/manager.c in Asterisk Open Source 1.8.x before 1.8.15.1 and 10.x before 10.7.1, Certified Asterisk 1.8.11 before 1.8.11-cert6, Asterisk Digiumphones 10.x.x-digiumphones before 10.7.1-digiumphones, and Asterisk Business Edition C.3.x before C.3.7.6 allows remote authenticated users to execute arbitrary commands by leveraging originate privileges and providing an ExternalIVR value in an AMI Originate action.
References
psirt@us.ibm.comhttp://downloads.asterisk.org/pub/security/AST-2012-012.htmlPatch, Vendor Advisory
psirt@us.ibm.comhttp://secunia.com/advisories/50687
psirt@us.ibm.comhttp://secunia.com/advisories/50756
psirt@us.ibm.comhttp://www.debian.org/security/2012/dsa-2550
psirt@us.ibm.comhttp://www.securitytracker.com/id?1027460
af854a3a-2127-422b-91ae-364da2661108http://downloads.asterisk.org/pub/security/AST-2012-012.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/50687
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/50756
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2012/dsa-2550
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1027460
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T19:26:08.975Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "50687",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/50687",
               },
               {
                  name: "50756",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/50756",
               },
               {
                  name: "DSA-2550",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2012/dsa-2550",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://downloads.asterisk.org/pub/security/AST-2012-012.html",
               },
               {
                  name: "1027460",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id?1027460",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2012-08-30T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Incomplete blacklist vulnerability in main/manager.c in Asterisk Open Source 1.8.x before 1.8.15.1 and 10.x before 10.7.1, Certified Asterisk 1.8.11 before 1.8.11-cert6, Asterisk Digiumphones 10.x.x-digiumphones before 10.7.1-digiumphones, and Asterisk Business Edition C.3.x before C.3.7.6 allows remote authenticated users to execute arbitrary commands by leveraging originate privileges and providing an ExternalIVR value in an AMI Originate action.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2012-10-31T09:00:00",
            orgId: "9a959283-ebb5-44b6-b705-dcc2bbced522",
            shortName: "ibm",
         },
         references: [
            {
               name: "50687",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/50687",
            },
            {
               name: "50756",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/50756",
            },
            {
               name: "DSA-2550",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2012/dsa-2550",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://downloads.asterisk.org/pub/security/AST-2012-012.html",
            },
            {
               name: "1027460",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id?1027460",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "psirt@us.ibm.com",
               ID: "CVE-2012-2186",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Incomplete blacklist vulnerability in main/manager.c in Asterisk Open Source 1.8.x before 1.8.15.1 and 10.x before 10.7.1, Certified Asterisk 1.8.11 before 1.8.11-cert6, Asterisk Digiumphones 10.x.x-digiumphones before 10.7.1-digiumphones, and Asterisk Business Edition C.3.x before C.3.7.6 allows remote authenticated users to execute arbitrary commands by leveraging originate privileges and providing an ExternalIVR value in an AMI Originate action.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "50687",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/50687",
                  },
                  {
                     name: "50756",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/50756",
                  },
                  {
                     name: "DSA-2550",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2012/dsa-2550",
                  },
                  {
                     name: "http://downloads.asterisk.org/pub/security/AST-2012-012.html",
                     refsource: "CONFIRM",
                     url: "http://downloads.asterisk.org/pub/security/AST-2012-012.html",
                  },
                  {
                     name: "1027460",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id?1027460",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "9a959283-ebb5-44b6-b705-dcc2bbced522",
      assignerShortName: "ibm",
      cveId: "CVE-2012-2186",
      datePublished: "2012-08-31T14:00:00",
      dateReserved: "2012-04-04T00:00:00",
      dateUpdated: "2024-08-06T19:26:08.975Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
   "vulnerability-lookup:meta": {
      nvd: "{\"cve\":{\"id\":\"CVE-2012-2186\",\"sourceIdentifier\":\"psirt@us.ibm.com\",\"published\":\"2012-08-31T14:55:00.950\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Incomplete blacklist vulnerability in main/manager.c in Asterisk Open Source 1.8.x before 1.8.15.1 and 10.x before 10.7.1, Certified Asterisk 1.8.11 before 1.8.11-cert6, Asterisk Digiumphones 10.x.x-digiumphones before 10.7.1-digiumphones, and Asterisk Business Edition C.3.x before C.3.7.6 allows remote authenticated users to execute arbitrary commands by leveraging originate privileges and providing an ExternalIVR value in an AMI Originate action.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de lista negra incompleta en main/manager.c en Asterisk Open Source v1.8.x antes de v1.8.15.1 y v10.x antes de v10.7.1, Certified Asterisk v1.8.11-8.1.11 antes de cert6, Digiumphones Asterisk v10.xx-digiumphones antes de v10.7.1-digiumphones y Asterisk Business Edition C.3.x antes de C.3.7.6 permite a usuarios remotos autenticados ejecutar comandos de su elección aprovechándose de los privilegios de origen y proporcionando un valor ExternalIVR en una acción IAM Originate.\\r\\n\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:C/I:C/A:C\",\"baseScore\":9.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ACE48FBD-2560-4477-ABD2-C90729523BC1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.0:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"97F03C40-6B70-41D1-96CF-DD5F2924D0C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.0:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8F0B6E3-37B8-4780-BB17-D471A7AB7E58\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.0:beta3:*:*:*:*:*:*\",\"matchCriteriaId\":\"445941A9-EE2C-45C0-BCEB-9EC7F9F9439D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.0:beta4:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C60A84B-E0BC-491B-B6E6-76E658BB91EC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.0:beta5:*:*:*:*:*:*\",\"matchCriteriaId\":\"035B04BC-C132-4CF6-9FE4-561A4104F392\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"E21DF0C9-16E4-44B0-8749-85F7F245A87A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE6A2723-FAE7-4A87-A2A3-E94D9CC2DCB5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.0:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"37612FE6-C8B7-4925-81F5-ADB82A8F101E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.0:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"92181940-ED5C-442C-82BA-4F0F233FB11B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.0:rc5:*:*:*:*:*:*\",\"matchCriteriaId\":\"28EEF1DB-00C6-4DFC-BB48-C4A308F60DAD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"67CE3E94-341F-4D0C-937E-39B119925C9A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.1:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C721635-2801-40E8-B5FE-734054D718D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"93F81ACF-615F-4EF5-BD73-74F4010B43D8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D773468A-4C2D-4B88-BAB6-C2D892A304C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"15ED9311-9E4E-4998-BD99-CDEB8E4F2C74\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.2:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"815F7045-FC6D-4D57-A7AE-F63B0FC67251\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56BAE9D7-7A67-40D0-B864-66E76EBA5A84\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B82FFB08-0FCD-4839-95F4-97C09EB7E921\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10C54588-265A-4955-8C73-38ADB664EF0D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2D84681-F861-49BE-832F-20EBAD3B60C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2313F843-0F74-4FC9-92A2-1F721BB4C490\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.3:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"09918CFC-C6A0-45ED-91EA-A4D9295C6CBA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.3:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"23E24161-31DB-4739-B16D-B0BDF5151307\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.3:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"E28DAA35-FBC2-4C87-BC1F-396A0FE86C5C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4F5E4B4F-49B7-41CB-803B-47A0081C3112\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"27D37142-F88C-42DE-A0FD-B17AB7981963\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1A5BD7C-3491-456A-A333-481977280F5F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7AFBC1D-7357-4A20-BF9D-C5B58155DAAC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.4:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"C85B74B6-EA5C-43C1-98C4-B09C41D9D8CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.4:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"12711E11-F6CF-4A61-83FD-AD3748D7C47B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.4:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"86E83CDF-E3B5-48A8-B526-67A1618B97AA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9C8B329-AC4C-46E5-BAC3-B2B72C16A453\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.4.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5A81245B-0276-4D51-A3B4-9CC7233C9A44\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9DC30C27-32BD-42A9-814E-123BD18F416B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.4.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"676BA331-833E-4C8B-A523-2116752567B5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.5:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7D38CAA-BECD-4FD7-8E42-72CB2B1DC699\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4F211C14-8E50-4FB7-82EA-FE6975290DE1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0698EDFB-D156-4572-9008-0243FA6FD2FC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.6.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"16350161-9CF1-4AD3-954C-598D249CF962\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.6.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"24EB6F7B-AD3C-42A2-B811-3CF3EEDD8438\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.6.0:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"7AC55C54-7AD7-49BE-A050-DC6878391208\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4AA9DBB3-1008-4CC8-B81B-991F286A6C0F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B208EBB-0387-4223-A196-CE142E6B908B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.7.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"095BF874-0E0B-4F8F-8A11-ED096DD3A824\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.7.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"4067E71D-93A8-4B56-AE4A-FCB6E31577E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9D301553-EF77-4494-A893-FDC12E6A8C16\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"35362678-3960-40E0-BB94-4642F09DDB4F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"779DEAC5-CBC7-4844-9A2E-97AEB49704EB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.8.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"913D2C84-B987-4DEE-8F9E-0FDF14BECE2E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.8.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"63889FD0-714B-4E02-8F34-00E4857A544A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.8.0:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"A15B538D-DC9D-46B4-A455-341E8A2831E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.8.0:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"8FE32479-5D98-443F-8FA9-F6281726BDF9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.8.0:rc5:*:*:*:*:*:*\",\"matchCriteriaId\":\"78841A3E-7D56-4737-9815-E1144FD0A44A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.8.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6CE8D88-E407-4E9F-8418-E95C16A55358\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.8.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3BDEDE38-79FE-4B21-BE42-E8AA14475AA6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC295454-D897-425C-BFC8-91A72865A132\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.9.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"3830A3E2-09A1-487E-8EFA-27F8B4C61CB4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.9.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"CAC942FB-83A2-4698-B410-F4C6AED0849A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.9.0:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"86ED40AD-0A52-4B4C-B4CA-F8D1A4CAF866\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.9.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B7128AC5-5DD7-4BD3-B14C-4ADA155DD5E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.9.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FA2C32DA-44CE-4407-84B2-02B0D0474000\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.9.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F2B032B5-06AB-4ABE-B51E-DE5C13458C03\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07FC62DE-74D3-42A9-94E8-6DCE62F3D2B6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.10.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"39E78E52-2AA4-42A5-9CE6-22DF2CF01704\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.10.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"3DF04D4C-DFED-4E71-BA0C-854823BB41CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.10.0:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"518A8882-B1A6-408E-9B39-F01034A50190\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.10.0:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"2EBBB850-2AE6-4EC1-993F-AD7AF2E80008\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.10.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F33168AF-A3FB-4694-9DC8-CC28A7C3B3E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E1075D5D-5F81-4E26-90B0-60659B8D36B6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.11.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"6880B042-11B1-430F-90A1-70F93FC5BAF2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.11.0:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F074B06-6788-47AB-8C39-BA5E2E39ACC4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.11.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"47805A52-856B-4C30-A04F-0B683FDBE075\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1ACB7C4A-7CF7-4D57-B65D-741AFA6393EC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.12.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48300C6F-FAF2-4F0A-959F-4B1801AE7D4F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.12.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"85522E25-E76C-4CCF-AB7C-A74E1703D919\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.12.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC3BE912-0B42-416B-A0E2-B17FDF07BAAB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:1.8.12.0:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"4FC9C2FB-A77B-4242-B4A1-92112E1C19B2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sangoma:asterisk:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.8.15.0\",\"matchCriteriaId\":\"9DA237F1-0378-4B8C-9981-B3B47BCB3C50\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:10.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33DD2B8E-6AB1-45CD-85F5-E0F5234585BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:10.0.0:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"52BDDAC0-5CEE-4054-8930-EAF25FE528FD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:10.0.0:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"1CEB28DD-EAEA-45AF-8D7B-09E93AFABA49\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:10.0.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"12BCF63F-DA77-48A1-861D-F6E710E3CA16\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:10.0.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD0D03FF-3FF6-40D0-A78E-CBDEA4FE4F14\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:10.0.0:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"66666CD2-8921-4641-AD72-21F4386DC731\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:10.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E55A7B81-4661-4E77-94FE-DA8D6261DC74\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:10.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0C549DD5-68F9-44FC-92B9-09A0E6F87315\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:10.1.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"51407A8B-AF19-43FA-8D57-A6A35D465D1E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:10.1.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"911CCAF6-6E29-43B6-AF76-909016CD46ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:10.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"964672AE-C840-465E-BE8A-8E19D9C060AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:10.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48827211-8F2F-4801-A5CD-77B07D1DD320\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:10.1.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D2463AD2-B341-494C-87AF-73B69B75D162\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:10.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7B46E218-9EFA-4224-BC5D-1A2F38559E38\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:10.2.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F1F43E8-6159-46FA-8BF5-360EA9D466BA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:10.2.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"F75E0A69-9251-4CE1-9E83-188F0D35DEFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:10.2.0:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"17E6BD3C-B88D-4C80-B77F-2A95767B9A71\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:10.2.0:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"3AC1C9EC-A84F-401B-BF59-F4938B6A2F59\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:10.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E5DACA8-EBD6-4854-A32E-EDBD8C28B3D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:10.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FCB76519-FD6D-4D74-8DF7-719822588C12\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:10.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6AB0DE5-0843-4A7A-A1C9-2FD7924FBEDC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:10.3.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"335F9C06-5E40-4E14-B018-15151E14414D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:10.3.0:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E8F15FB-C6B5-4A4F-A7AD-E2BF0162D1DF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:10.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BC77FCCF-EE5C-4121-A0AF-B9DC71E72C1A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:10.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1C33423-6093-4DC9-BCFF-77003776373E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:10.4.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"9DEA8945-9ACD-4CE7-A5E6-5207E16C663E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:10.4.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2A7FC21-74FF-48BF-9BA8-A143FCB2BF3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:open_source:10.4.0:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"C4FCD6B4-ED33-424F-AD30-64227894B0B8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sangoma:asterisk:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"10.7.0\",\"matchCriteriaId\":\"F6558058-33DA-43F1-9690-5DA11D5CC713\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:certified_asterisk:*:cert5:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.8.11\",\"matchCriteriaId\":\"345918B8-ABB8-4E60-A3AD-C006AD24FEC4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:certified_asterisk:1.8.11:cert:*:*:*:*:*:*\",\"matchCriteriaId\":\"4889B1B5-5160-476E-A1C0-BEAE63C85CEA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:certified_asterisk:1.8.11:cert1:*:*:*:*:*:*\",\"matchCriteriaId\":\"62867AEF-D685-4B1F-8AB9-D1CCAC559821\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:certified_asterisk:1.8.11:cert2:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7C792E2-FBBA-4F1D-8842-5E47B4365FBA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:certified_asterisk:1.8.11:cert3:*:*:*:*:*:*\",\"matchCriteriaId\":\"B14F1E15-52B4-4947-83EA-85D535FFB55E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:certified_asterisk:1.8.11:cert4:*:*:*:*:*:*\",\"matchCriteriaId\":\"02461B94-32BA-487E-9E9E-D9B5AAAFF602\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:digiumphones:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"10.7.0\",\"matchCriteriaId\":\"7438E927-F320-4E40-AE4E-F571483A5D2F\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:business_edition:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"c.3.7.5\",\"matchCriteriaId\":\"94539528-4DD3-4BB6-BFFE-920A3937A665\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:asterisk:business_edition:c.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17D78AA8-AF67-4343-A9B0-EFC63D8CC4BC\"}]}]}],\"references\":[{\"url\":\"http://downloads.asterisk.org/pub/security/AST-2012-012.html\",\"source\":\"psirt@us.ibm.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/50687\",\"source\":\"psirt@us.ibm.com\"},{\"url\":\"http://secunia.com/advisories/50756\",\"source\":\"psirt@us.ibm.com\"},{\"url\":\"http://www.debian.org/security/2012/dsa-2550\",\"source\":\"psirt@us.ibm.com\"},{\"url\":\"http://www.securitytracker.com/id?1027460\",\"source\":\"psirt@us.ibm.com\"},{\"url\":\"http://downloads.asterisk.org/pub/security/AST-2012-012.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/50687\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/50756\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2012/dsa-2550\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1027460\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
   },
}


Log in or create an account to share your comment.

Security Advisory comment format.

This schema specifies the format of a comment related to a security advisory.

UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).



Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.