Known Vulnerabilities for products from Asterisk
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Asterisk".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2022-23608 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 9.8 - CRITICAL | 2022-02-22 | 2023-08-30 |
| CVE-2022-21723 json | PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols ... | 9.1 - CRITICAL | 2022-01-27 | 2023-08-30 |
| CVE-2021-46837 json | res_pjsip_t38 in Sangoma Asterisk 16.x before 16.16.2, 17.x before 17.9.3, and 18.x before 18.2.2, and Certified Asterisk bef... | 6.5 - MEDIUM | 2022-08-30 | 2023-01-28 |
| CVE-2021-37706 json | PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols ... | 9.8 - CRITICAL | 2021-12-22 | 2023-08-30 |
| CVE-2020-28327 json | A res_pjsip_session crash was discovered in Asterisk Open Source 13.x before 13.37.1, 16.x before 16.14.1, 17.x before 17.8.1... | 5.3 - MEDIUM | 2020-11-06 | 2020-11-20 |
| CVE-2020-28242 json | An issue was discovered in Asterisk Open Source 13.x before 13.37.1, 16.x before 16.14.1, 17.x before 17.8.1, and 18.x before... | 6.5 - MEDIUM | 2020-11-06 | 2023-11-07 |
| CVE-2018-12228 json | An issue was discovered in Asterisk Open Source 15.x before 15.4.1. When connected to Asterisk via TCP/TLS, if the client abr... | 6.5 - MEDIUM | 2018-06-12 | 2019-10-03 |
| CVE-2017-9358 json | A memory exhaustion vulnerability exists in Asterisk Open Source 13.x before 13.15.1 and 14.x before 14.4.1 and Certified Ast... | 7.5 - HIGH | 2017-06-02 | 2019-10-03 |
| CVE-2013-2686 json | main/http.c in the HTTP server in Asterisk Open Source 1.8.x before 1.8.20.2, 10.x before 10.12.2, and 11.x before 11.2.2; Ce... | 5 - MEDIUM | 2013-04-01 | 2013-04-01 |
| CVE-2013-2685 json | Stack-based buffer overflow in res/res_format_attr_h264.c in Asterisk Open Source 11.x before 11.2.2 allows remote attackers ... | 7.5 - HIGH | 2013-04-01 | 2013-04-02 |
| CVE-2013-2264 json | The SIP channel driver in Asterisk Open Source 1.8.x before 1.8.20.2, 10.x before 10.12.2, and 11.x before 11.2.2; Certified ... | 5 - MEDIUM | 2013-04-01 | 2013-04-01 |
| CVE-2012-2948 json | chan_skinny.c in the Skinny (aka SCCP) channel driver in Certified Asterisk 1.8.11-cert before 1.8.11-cert2 and Asterisk Open... | 4 - MEDIUM | 2012-06-02 | 2017-08-29 |
| CVE-2012-2416 json | chan_sip.c in the SIP channel driver in Asterisk Open Source 1.8.x before 1.8.11.1 and 10.x before 10.3.1 and Asterisk Busine... | 6.5 - MEDIUM | 2012-04-30 | 2017-12-14 |
| CVE-2012-2415 json | Heap-based buffer overflow in chan_skinny.c in the Skinny channel driver in Asterisk Open Source 1.6.2.x before 1.6.2.24, 1.8... | 6.5 - MEDIUM | 2012-04-30 | 2017-12-14 |
| CVE-2012-2414 json | main/manager.c in the Manager Interface in Asterisk Open Source 1.6.2.x before 1.6.2.24, 1.8.x before 1.8.11.1, and 10.x befo... | 6.5 - MEDIUM | 2012-04-30 | 2017-12-14 |
| CVE-2012-2186 json | Incomplete blacklist vulnerability in main/manager.c in Asterisk Open Source 1.8.x before 1.8.15.1 and 10.x before 10.7.1, Ce... | 9 - HIGH | 2012-08-31 | 2013-04-19 |
| CVE-2012-0885 json | chan_sip.c in Asterisk Open Source 1.8.x before 1.8.8.2 and 10.x before 10.0.1, when the res_srtp module is used and media su... | 4.3 - MEDIUM | 2012-01-25 | 2012-01-26 |
| CVE-2011-4063 json | chan_sip.c in the SIP channel driver in Asterisk Open Source 1.8.x before 1.8.7.1 and 10.x before 10.0.0-rc1 does not properl... | 6.8 - MEDIUM | 2011-10-21 | 2018-10-09 |
| CVE-2010-0441 json | Asterisk Open Source 1.6.0.x before 1.6.0.22, 1.6.1.x before 1.6.1.14, and 1.6.2.x before 1.6.2.2, and Business Edition C.3 b... | 5 - MEDIUM | 2010-02-04 | 2018-10-10 |
| CVE-2009-3723 json | asterisk allows calls on prohibited networks | 7.5 - HIGH | 2019-10-29 | 2019-11-01 |
Known software with vulnerabilities from Asterisk
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Asterisk | Certified Asterisk | 13.13.0 |
| Application | Asterisk | Open Source | 1.6.1 |