Latest sangoma certified asterisk Vulnerabilities

CVE-2023-49786
Asterisk susceptible to Denial of Service via DTLS Hello packets during call initiation
Digium Asterisk<18.20.1
Digium Asterisk>=19.0.0<20.5.1
Digium Asterisk=21.0.0
Sangoma Certified Asterisk=13.13.0
Sangoma Certified Asterisk=13.13.0-cert1
Sangoma Certified Asterisk=13.13.0-cert1-rc1
and 25 more
CVE-2023-37457
Asterisk's PJSIP_HEADER dialplan function can overwrite memory/cause crash when using 'update'
Digium Asterisk<=18.20.0
Digium Asterisk>=19.0.0<=20.5.0
Digium Asterisk=21.0.0
Sangoma Certified Asterisk=13.13.0
Sangoma Certified Asterisk=13.13.0-cert1
Sangoma Certified Asterisk=13.13.0-cert1-rc1
and 25 more
CVE-2023-49294
Asterisk Path Traversal vulnerability
Digium Asterisk<18.20.1
Digium Asterisk>=19.0.0<20.5.1
Digium Asterisk=21.0.0
Sangoma Certified Asterisk=13.13.0
Sangoma Certified Asterisk=13.13.0-cert1
Sangoma Certified Asterisk=13.13.0-cert1-rc1
and 25 more
CVE-2022-42706
An issue was discovered in Sangoma Asterisk through 16.28, 17 and 18 through 18.14, 19 through 19.6, and certified through 18.9-cert1. GetConfig, via Asterisk Manager Interface, allows a connected app...
Sangoma Asterisk>=16.0.0<16.29.1
Sangoma Asterisk>=17.0.0<18.15.1
Sangoma Asterisk>=19.0.0<19.7.1
Sangoma Asterisk=20.0.0
Sangoma Certified Asterisk<18.9
Sangoma Certified Asterisk=18.9-cert1
and 1 more
CVE-2022-42705
A use-after-free in res_pjsip_pubsub.c in Sangoma Asterisk 16.28, 18.14, 19.6, and certified/18.9-cert2 may allow a remote authenticated attacker to crash Asterisk (denial of service) by performing ac...
Sangoma Asterisk>=16.0.0<16.29.1
Sangoma Asterisk>=18.14.0<18.15.1
Sangoma Asterisk>=19.6.0<19.7.1
Sangoma Asterisk=20.0.0
Sangoma Certified Asterisk=18.9-cert2
debian/asterisk<=1:16.2.1~dfsg-1+deb10u2

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203