Asterisk is an open source private branch exchange and telephony toolkit. In Asterisk prior to versions 18.20.1, 20.5.1, and 21.0.1, as well as certified-asterisk prior to 18.9-cert6, it is possible to read any arbitrary file even when the `live_dangerously` is not enabled. This allows arbitrary files to be read. Asterisk versions 18.20.1, 20.5.1, and 21.0.1, as well as certified-asterisk prior to 18.9-cert6, contain a fix for this issue.
2023-12-14T20:15:52.730
2024-11-21T08:33:12.447
Modified
CVSSv3.1: 4.9 (MEDIUM)
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Application | digium | asterisk | < 18.20.1 | Yes |
Application | digium | asterisk | < 20.5.1 | Yes |
Application | digium | asterisk | 21.0.0 | Yes |
Application | sangoma | certified_asterisk | 13.13.0 | Yes |
Application | sangoma | certified_asterisk | 13.13.0 | Yes |
Application | sangoma | certified_asterisk | 13.13.0 | Yes |
Application | sangoma | certified_asterisk | 13.13.0 | Yes |
Application | sangoma | certified_asterisk | 13.13.0 | Yes |
Application | sangoma | certified_asterisk | 13.13.0 | Yes |
Application | sangoma | certified_asterisk | 13.13.0 | Yes |
Application | sangoma | certified_asterisk | 13.13.0 | Yes |
Application | sangoma | certified_asterisk | 13.13.0 | Yes |
Application | sangoma | certified_asterisk | 13.13.0 | Yes |
Application | sangoma | certified_asterisk | 16.8.0 | Yes |
Application | sangoma | certified_asterisk | 16.8.0 | Yes |
Application | sangoma | certified_asterisk | 16.8.0 | Yes |
Application | sangoma | certified_asterisk | 16.8.0 | Yes |
Application | sangoma | certified_asterisk | 16.8.0 | Yes |
Application | sangoma | certified_asterisk | 16.8.0 | Yes |
Application | sangoma | certified_asterisk | 16.8.0 | Yes |
Application | sangoma | certified_asterisk | 16.8.0 | Yes |
Application | sangoma | certified_asterisk | 16.8.0 | Yes |
Application | sangoma | certified_asterisk | 16.8.0 | Yes |
Application | sangoma | certified_asterisk | 16.8.0 | Yes |
Application | sangoma | certified_asterisk | 16.8.0 | Yes |
Application | sangoma | certified_asterisk | 16.8.0 | Yes |
Application | sangoma | certified_asterisk | 18.9 | Yes |
Application | sangoma | certified_asterisk | 18.9 | Yes |
Application | sangoma | certified_asterisk | 18.9 | Yes |
Application | sangoma | certified_asterisk | 18.9 | Yes |
Application | sangoma | certified_asterisk | 18.9 | Yes |