VDB
CVE-2022-23608
CVE-2022-23608
PUBLISHED
Asterisk ist eine komplette Open Source Multiprotokoll Telefonanlage (PBX) auf Softwarebasis. Certified Asterisk ist eine komplette Multiprotokoll Telefonanlage (PBX) auf Softwarebasis mit erweitertem Support.
EPSS 0.78% · 74.2th percentile
Risk Scores
EPSS Score
0.78%
74.2th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Digium | Digium Certified Asterisk <16.8-cert13 | |
| Ubuntu | Ubuntu Linux | |
| Open Source | Open Source Asterisk <19.2.1 | |
| Debian | Debian Linux | |
| Open Source | Open Source Asterisk <18.10.1 | |
| Open Source | Open Source Asterisk <16.24.1 |
Exploit Intelligence
- https://lists.debian.org/debian-lts-announce/2024/09/msg00030.html (circl)
- https://github.com/pjsip/pjproject/security/advisories/GHSA-ffff-m5fm-qm62 (circl)
- https://github.com/pjsip/pjproject/commit/db3235953baa56d2fb0e276ca510fefca751643f (circl)
- 20220304 AST-2022-005: pjproject: undefined behavior after freeing a dialog set (circl)
- http://packetstormsecurity.com/files/166226/Asterisk-Project-Security-Advisory-AST-2022-005.html (circl)
- [debian-lts-announce] 20220328 [SECURITY] [DLA 2962-1] pjproject security update (circl)
- [debian-lts-announce] 20220331 [SECURITY] [DLA 2962-2] pjproject regression update (circl)
- GLSA-202210-37 (circl)
- [debian-lts-announce] 20221117 [SECURITY] [DLA 3194-1] asterisk security update (circl)
- DSA-5285 (circl)
…and 1 more exploits
Timeline
- Feb 22, 2022 CVE Published
- Feb 23, 2022 EPSS Score
- Apr 16, 2022 EPSS Score
- Jun 7, 2022 EPSS Score
- Sep 20, 2022 EPSS Score
- Nov 11, 2022 EPSS Score
- Jan 2, 2023 EPSS Score
- Feb 23, 2023 EPSS Score
- Apr 15, 2023 EPSS Score
- Jun 6, 2023 EPSS Score
- Jul 28, 2023 EPSS Score
- Sep 18, 2023 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-2108.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-2108 advisory
- https://downloads.asterisk.org/pub/security/AST-2022-004.html advisory
- https://downloads.asterisk.org/pub/security/AST-2022-005.html advisory
- https://downloads.asterisk.org/pub/security/AST-2022-006.html advisory
- https://lists.debian.org/debian-lts-announce/2022/03/msg00035.html advisory
- https://lists.debian.org/debian-security-announce/2022/msg00256.html advisory
- https://lists.debian.org/debian-lts-announce/2022/11/msg00021.html advisory
- https://ubuntu.com/security/notices/USN-8122-1 advisory