Auth bypass in Asterisk Asterisk_business_edition

CVE-2008-5558

Asterisk Open Source 1.2.26 through 1.2.30.3 and Business Edition B.2.3.5 through B.2.5.5, when realtime IAX2 users are enabled, allows remote attackers to cause a denial of service (crash) via authentication attempts involving (1) an unkn…

Vulnerability class: Broken Authentication

EPSS: 0.020 (77.8th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References