VDB
CVE-2023-49294
CVE-2023-49294
PUBLISHED
CVSS 9.300000190734863 CRITICAL
Certified Asterisk ist eine komplette Multiprotokoll Telefonanlage (PBX) auf Softwarebasis mit erweitertem Support. Asterisk ist eine komplette Open Source Multiprotokoll Telefonanlage (PBX) auf Softwarebasis.
EPSS 17.08% · 95.1th percentile
Risk Scores
CVSS v4.0
9.300000190734863
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
EPSS Score
17.08%
95.1th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian | Debian Linux | |
| Open Source | Open Source Asterisk <18.20.1 | |
| Digium | Digium Certified Asterisk <18.9-cert6 | |
| Open Source | Open Source Asterisk <21.0.1 | |
| Gentoo | Gentoo Linux | |
| Fedora | Fedora Linux | |
| Open Source | Open Source Asterisk <20.5.1 |
Timeline
- Dec 14, 2023 CVE Published
- Dec 15, 2023 EPSS Score
- Jan 13, 2024 EPSS Score
- Mar 11, 2024 EPSS Score
- Mar 29, 2024 PoC Published
- Apr 10, 2024 EPSS Score
- Jun 7, 2024 EPSS Score
- Jul 6, 2024 EPSS Score
- Aug 4, 2024 EPSS Score
- Oct 1, 2024 EPSS Score
- Oct 31, 2024 EPSS Score
- Dec 29, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-3158.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-3158 advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2254625 advisory
- https://github.com/asterisk/asterisk/security/advisories/GHSA-98rc-4j27-74hh advisory
- https://github.com/asterisk/asterisk/security/advisories/GHSA-8857-hfmw-vg8f advisory
- https://github.com/asterisk/asterisk/security/advisories/GHSA-hxj9-xwr8-w8pq advisory
- https://github.com/asterisk/asterisk/security/advisories/GHSA-5743-x3p5-3rg7 advisory
- https://lists.debian.org/debian-lts-announce/2023/12/msg00019.html advisory
- https://lists.debian.org/debian-security-announce/2024/msg00003.html advisory
- https://security.gentoo.org/glsa/202412-03 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2026-38d71393c1 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2026-80b21debe7 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2026-d5cc2324a0 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2026-f2281acb03 advisory
- https://bodhi.fedoraproject.org/updates/FEDORA-2026-98decbde87 advisory