CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-8417

ConfBridge in Asterisk 11.x before 11.14.1, 12.x before 12.7.1, and 13.x before 13.0.1 and Certified Asterisk 11.6 before 11.6-cert8 allows remote authenticated users to (1) gain privileges via vectors related to an external protocol to the CONFBRIDGE dialplan function or (2) execute arbitrary system commands via a crafted ConfbridgeStartRecord AMI action.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.007

EPSS Ranking 71.0%

CVSS Severity

CVSS v2 Score 6.5

References

Products affected by CVE-2014-8417

Digium » Asterisk » Version: 11.0.0

cpe:2.3:a:digium:asterisk:11.0.0
Digium » Asterisk » Version: 11.0.1

cpe:2.3:a:digium:asterisk:11.0.1
Digium » Asterisk » Version: 11.0.2

cpe:2.3:a:digium:asterisk:11.0.2
Digium » Asterisk » Version: 11.1.0

cpe:2.3:a:digium:asterisk:11.1.0
Digium » Asterisk » Version: 11.1.1

cpe:2.3:a:digium:asterisk:11.1.1
Digium » Asterisk » Version: 11.1.2

cpe:2.3:a:digium:asterisk:11.1.2
Digium » Asterisk » Version: 11.10.0

cpe:2.3:a:digium:asterisk:11.10.0
Digium » Asterisk » Version: 11.10.1

cpe:2.3:a:digium:asterisk:11.10.1
Digium » Asterisk » Version: 11.10.2

cpe:2.3:a:digium:asterisk:11.10.2
Digium » Asterisk » Version: 11.11.0

cpe:2.3:a:digium:asterisk:11.11.0
Digium » Asterisk » Version: 11.12.0

cpe:2.3:a:digium:asterisk:11.12.0
Digium » Asterisk » Version: 11.12.1

cpe:2.3:a:digium:asterisk:11.12.1
Digium » Asterisk » Version: 11.13.0

cpe:2.3:a:digium:asterisk:11.13.0
Digium » Asterisk » Version: 11.13.1

cpe:2.3:a:digium:asterisk:11.13.1
Digium » Asterisk » Version: 11.14.0

cpe:2.3:a:digium:asterisk:11.14.0
Digium » Asterisk » Version: 11.2.0

cpe:2.3:a:digium:asterisk:11.2.0
Digium » Asterisk » Version: 11.2.1

cpe:2.3:a:digium:asterisk:11.2.1
Digium » Asterisk » Version: 11.2.2

cpe:2.3:a:digium:asterisk:11.2.2
Digium » Asterisk » Version: 11.3.0

cpe:2.3:a:digium:asterisk:11.3.0
Digium » Asterisk » Version: 11.4.0

cpe:2.3:a:digium:asterisk:11.4.0
Digium » Asterisk » Version: 11.5.0

cpe:2.3:a:digium:asterisk:11.5.0
Digium » Asterisk » Version: 11.5.1

cpe:2.3:a:digium:asterisk:11.5.1
Digium » Asterisk » Version: 11.6.0

cpe:2.3:a:digium:asterisk:11.6.0
Digium » Asterisk » Version: 11.6.1

cpe:2.3:a:digium:asterisk:11.6.1
Digium » Asterisk » Version: 11.7.0

cpe:2.3:a:digium:asterisk:11.7.0
Digium » Asterisk » Version: 11.8.0

cpe:2.3:a:digium:asterisk:11.8.0
Digium » Asterisk » Version: 11.8.1

cpe:2.3:a:digium:asterisk:11.8.1
Digium » Asterisk » Version: 11.9.0

cpe:2.3:a:digium:asterisk:11.9.0
Digium » Asterisk » Version: 12.0.0

cpe:2.3:a:digium:asterisk:12.0.0
Digium » Asterisk » Version: 12.1.0

cpe:2.3:a:digium:asterisk:12.1.0
Digium » Asterisk » Version: 12.1.1

cpe:2.3:a:digium:asterisk:12.1.1
Digium » Asterisk » Version: 12.2.0

cpe:2.3:a:digium:asterisk:12.2.0
Digium » Asterisk » Version: 12.3.0

cpe:2.3:a:digium:asterisk:12.3.0
Digium » Asterisk » Version: 12.3.1

cpe:2.3:a:digium:asterisk:12.3.1
Digium » Asterisk » Version: 12.3.2

cpe:2.3:a:digium:asterisk:12.3.2
Digium » Asterisk » Version: 12.4.0

cpe:2.3:a:digium:asterisk:12.4.0
Digium » Asterisk » Version: 12.5.0

cpe:2.3:a:digium:asterisk:12.5.0
Digium » Asterisk » Version: 12.5.1

cpe:2.3:a:digium:asterisk:12.5.1
Digium » Asterisk » Version: 12.6.0

cpe:2.3:a:digium:asterisk:12.6.0
Digium » Asterisk » Version: 12.6.1

cpe:2.3:a:digium:asterisk:12.6.1
Digium » Asterisk » Version: 12.7.0

cpe:2.3:a:digium:asterisk:12.7.0
Digium » Asterisk » Version: 13.0.0

cpe:2.3:a:digium:asterisk:13.0.0
Digium » Certified Asterisk » Version: 11.6

cpe:2.3:a:digium:certified_asterisk:11.6
Digium » Certified Asterisk » Version: 11.6.0

cpe:2.3:a:digium:certified_asterisk:11.6.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-8417

Products

Pricing

Contact Us