Information disclosure in Asterisk Business_edition
CVE-2013-2264
The SIP channel driver in Asterisk Open Source 1.8.x before 1.8.20.2, 10.x before 10.12.2, and 11.x before 11.2.2; Certified Asterisk 1.8.15 before 1.8.15-cert2; Asterisk Business Edition (BE) C.3.x before C.3.8.1; and Asterisk Digiumphone…
Vulnerability class: Information Disclosure
EPSS: 0.013 (65.7th percentile) — read the EPSS interpretation.
Affected products
- Asterisk Business_edition — versions c.3.2.2, c.3.3, c.3.3.2
- Asterisk Certified_asterisk — versions 1.8.15, 1.8.15.0
- Asterisk Digiumphones — versions 10.0.0, 10.1.0, 10.2.0
- Asterisk Open_source — versions 1.8.0, 1.8.1, 1.8.1.1
- N/a — versions n/a
Weakness classification (CWE)
References
- cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)
- cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)