Vulnerability in Asterisk Business_edition
CVE-2012-2186
Incomplete blacklist vulnerability in main/manager.c in Asterisk Open Source 1.8.x before 1.8.15.1 and 10.x before 10.7.1, Certified Asterisk 1.8.11 before 1.8.11-cert6, Asterisk Digiumphones 10.x.x-digiumphones before 10.7.1-digiumphones…
EPSS: 0.036 (87.9th percentile) — read the EPSS interpretation.
Affected products
- Asterisk Business_edition — versions c.3.0
- Asterisk Certified_asterisk — versions 1.8.11
- Asterisk Digiumphones
- Asterisk Open_source — versions 1.8.0, 1.8.1, 1.8.1.1
- Sangoma Asterisk
- N/a — versions n/a
References
- psirt@us.ibm.com (x_refsource_SECUNIA, third-party-advisory)
- psirt@us.ibm.com (x_refsource_SECUNIA, third-party-advisory)
- psirt@us.ibm.com (vendor-advisory, x_refsource_DEBIAN)
- psirt@us.ibm.com (x_refsource_CONFIRM, Patch, Vendor Advisory)
- psirt@us.ibm.com (vdb-entry, x_refsource_SECTRACK)