Asterisk Certified Asterisk — known CVE vulnerabilities
Every CVE whose affected-product data names Asterisk Certified Asterisk, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (11)
CVE-2022-21723 — CVSS 9.1 (critical): PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP…
CVE-2012-2186 — CVSS 9.0 (critical): Incomplete blacklist vulnerability in main/manager.c in Asterisk Open Source 1.8.x before 1.8.15.1 and 10.x before 10.7.1, Certified…
CVE-2022-23608 — CVSS 8.1 (high): PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP…
CVE-2017-9358 — CVSS 7.5 (high): A memory exhaustion vulnerability exists in Asterisk Open Source 13.x before 13.15.1 and 14.x before 14.4.1 and Certified Asterisk 13.13…
CVE-2024-42365 — CVSS 7.4 (high): Asterisk is an open source private branch exchange (PBX) and telephony toolkit. Prior to asterisk versions 18.24.2, 20.9.2, and 21.4.2 and…
CVE-2021-37706 — CVSS 7.3 (high): PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP…
CVE-2020-28242 — CVSS 6.5 (medium): An issue was discovered in Asterisk Open Source 13.x before 13.37.1, 16.x before 16.14.1, 17.x before 17.8.1, and 18.x before 18.0.1 and…
CVE-2021-46837 — CVSS 6.5 (medium): res_pjsip_t38 in Sangoma Asterisk 16.x before 16.16.2, 17.x before 17.9.3, and 18.x before 18.2.2, and Certified Asterisk before…
CVE-2013-2686 — CVSS 5.0 (medium): main/http.c in the HTTP server in Asterisk Open Source 1.8.x before 1.8.20.2, 10.x before 10.12.2, and 11.x before 11.2.2; Certified…
CVE-2013-2264 — CVSS 5.0 (medium): The SIP channel driver in Asterisk Open Source 1.8.x before 1.8.20.2, 10.x before 10.12.2, and 11.x before 11.2.2; Certified Asterisk…
CVE-2012-2948 — CVSS 4.0 (medium): chan_skinny.c in the Skinny (aka SCCP) channel driver in Certified Asterisk 1.8.11-cert before 1.8.11-cert2 and Asterisk Open Source 1.8.x…