VDB
CVE-2021-37706
CVE-2021-37706
PUBLISHED
Asterisk ist eine komplette Open Source Multiprotokoll Telefonanlage (PBX) auf Softwarebasis. Certified Asterisk ist eine komplette Multiprotokoll Telefonanlage (PBX) auf Softwarebasis mit erweitertem Support.
EPSS 0.50% · 66.5th percentile
Risk Scores
EPSS Score
0.50%
66.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Digium | Digium Certified Asterisk <16.8-cert13 | |
| Open Source | Open Source Asterisk <18.10.1 | |
| Open Source | Open Source Asterisk <19.2.1 | |
| Ubuntu | Ubuntu Linux | |
| Open Source | Open Source Asterisk <16.24.1 | |
| Debian | Debian Linux |
Timeline
- Dec 22, 2021 CVE Published
- Dec 23, 2021 EPSS Score
- Feb 15, 2022 EPSS Score
- Mar 5, 2022 EPSS Score
- Jun 3, 2022 EPSS Score
- Jul 28, 2022 EPSS Score
- Sep 20, 2022 EPSS Score
- Nov 13, 2022 EPSS Score
- Mar 1, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 24, 2023 EPSS Score
- Jun 17, 2023 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-2108.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-2108 advisory
- https://downloads.asterisk.org/pub/security/AST-2022-004.html advisory
- https://downloads.asterisk.org/pub/security/AST-2022-005.html advisory
- https://downloads.asterisk.org/pub/security/AST-2022-006.html advisory
- https://lists.debian.org/debian-lts-announce/2022/03/msg00035.html advisory
- https://lists.debian.org/debian-security-announce/2022/msg00256.html advisory
- https://lists.debian.org/debian-lts-announce/2022/11/msg00021.html advisory
- https://ubuntu.com/security/notices/USN-8122-1 advisory