CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2010-1224

main/acl.c in Asterisk Open Source 1.6.0.x before 1.6.0.25, 1.6.1.x before 1.6.1.17, and 1.6.2.x before 1.6.2.5 does not properly enforce remote host access controls when CIDR notation "/0" is used in permit= and deny= configuration rules, which causes an improper arithmetic shift and might allow remote attackers to bypass ACL rules and access services from unauthorized hosts.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.01

EPSS Ranking 76.0%

CVSS Severity

CVSS v2 Score 4.3

References

Products affected by CVE-2010-1224

Digium » Asterisk » Version: 1.6.0

cpe:2.3:a:digium:asterisk:1.6.0
Digium » Asterisk » Version: 1.6.0.1

cpe:2.3:a:digium:asterisk:1.6.0.1
Digium » Asterisk » Version: 1.6.0.10

cpe:2.3:a:digium:asterisk:1.6.0.10
Digium » Asterisk » Version: 1.6.0.12

cpe:2.3:a:digium:asterisk:1.6.0.12
Digium » Asterisk » Version: 1.6.0.13

cpe:2.3:a:digium:asterisk:1.6.0.13
Digium » Asterisk » Version: 1.6.0.14

cpe:2.3:a:digium:asterisk:1.6.0.14
Digium » Asterisk » Version: 1.6.0.15

cpe:2.3:a:digium:asterisk:1.6.0.15
Digium » Asterisk » Version: 1.6.0.16

cpe:2.3:a:digium:asterisk:1.6.0.16
Digium » Asterisk » Version: 1.6.0.17

cpe:2.3:a:digium:asterisk:1.6.0.17
Digium » Asterisk » Version: 1.6.0.18

cpe:2.3:a:digium:asterisk:1.6.0.18
Digium » Asterisk » Version: 1.6.0.19

cpe:2.3:a:digium:asterisk:1.6.0.19
Digium » Asterisk » Version: 1.6.0.2

cpe:2.3:a:digium:asterisk:1.6.0.2
Digium » Asterisk » Version: 1.6.0.20

cpe:2.3:a:digium:asterisk:1.6.0.20
Digium » Asterisk » Version: 1.6.0.21

cpe:2.3:a:digium:asterisk:1.6.0.21
Digium » Asterisk » Version: 1.6.0.22

cpe:2.3:a:digium:asterisk:1.6.0.22
Digium » Asterisk » Version: 1.6.0.23

cpe:2.3:a:digium:asterisk:1.6.0.23
Digium » Asterisk » Version: 1.6.0.24

cpe:2.3:a:digium:asterisk:1.6.0.24
Digium » Asterisk » Version: 1.6.0.3

cpe:2.3:a:digium:asterisk:1.6.0.3
Digium » Asterisk » Version: 1.6.0.5

cpe:2.3:a:digium:asterisk:1.6.0.5
Digium » Asterisk » Version: 1.6.0.6

cpe:2.3:a:digium:asterisk:1.6.0.6
Digium » Asterisk » Version: 1.6.0.7

cpe:2.3:a:digium:asterisk:1.6.0.7
Digium » Asterisk » Version: 1.6.0.8

cpe:2.3:a:digium:asterisk:1.6.0.8
Digium » Asterisk » Version: 1.6.0.9

cpe:2.3:a:digium:asterisk:1.6.0.9
Digium » Asterisk » Version: 1.6.1

cpe:2.3:a:digium:asterisk:1.6.1
Digium » Asterisk » Version: 1.6.1.1

cpe:2.3:a:digium:asterisk:1.6.1.1
Digium » Asterisk » Version: 1.6.1.10

cpe:2.3:a:digium:asterisk:1.6.1.10
Digium » Asterisk » Version: 1.6.1.11

cpe:2.3:a:digium:asterisk:1.6.1.11
Digium » Asterisk » Version: 1.6.1.12

cpe:2.3:a:digium:asterisk:1.6.1.12
Digium » Asterisk » Version: 1.6.1.13

cpe:2.3:a:digium:asterisk:1.6.1.13
Digium » Asterisk » Version: 1.6.1.14

cpe:2.3:a:digium:asterisk:1.6.1.14
Digium » Asterisk » Version: 1.6.1.15

cpe:2.3:a:digium:asterisk:1.6.1.15
Digium » Asterisk » Version: 1.6.1.16

cpe:2.3:a:digium:asterisk:1.6.1.16
Digium » Asterisk » Version: 1.6.1.2

cpe:2.3:a:digium:asterisk:1.6.1.2
Digium » Asterisk » Version: 1.6.1.4

cpe:2.3:a:digium:asterisk:1.6.1.4
Digium » Asterisk » Version: 1.6.1.5

cpe:2.3:a:digium:asterisk:1.6.1.5
Digium » Asterisk » Version: 1.6.1.6

cpe:2.3:a:digium:asterisk:1.6.1.6
Digium » Asterisk » Version: 1.6.1.7

cpe:2.3:a:digium:asterisk:1.6.1.7
Digium » Asterisk » Version: 1.6.1.8

cpe:2.3:a:digium:asterisk:1.6.1.8
Digium » Asterisk » Version: 1.6.1.9

cpe:2.3:a:digium:asterisk:1.6.1.9
Digium » Asterisk » Version: 1.6.2.0

cpe:2.3:a:digium:asterisk:1.6.2.0
Digium » Asterisk » Version: 1.6.2.1

cpe:2.3:a:digium:asterisk:1.6.2.1
Digium » Asterisk » Version: 1.6.2.2

cpe:2.3:a:digium:asterisk:1.6.2.2
Digium » Asterisk » Version: 1.6.2.3

cpe:2.3:a:digium:asterisk:1.6.2.3
Digium » Asterisk » Version: 1.6.2.4

cpe:2.3:a:digium:asterisk:1.6.2.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2010-1224

Products

Pricing

Contact Us