Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2018-7287

An issue was discovered in res_http_websocket.c in Asterisk 15.x through 15.2.1. If the HTTP server is enabled (default is disabled), WebSocket payloads of size 0 are mishandled (with a busy loop).
Exploit prediction scoring system (EPSS) score
EPSS Score 0.331
EPSS Ranking 96.7%
CVSS Severity
CVSS v3 Score 5.9
CVSS v2 Score 4.3
Products affected by CVE-2018-7287
  • Digium » Asterisk » Version: 15.0.0
    cpe:2.3:a:digium:asterisk:15.0.0
  • Digium » Asterisk » Version: 15.1.0
    cpe:2.3:a:digium:asterisk:15.1.0
  • Digium » Asterisk » Version: 15.1.1
    cpe:2.3:a:digium:asterisk:15.1.1
  • Digium » Asterisk » Version: 15.1.2
    cpe:2.3:a:digium:asterisk:15.1.2
  • Digium » Asterisk » Version: 15.1.3
    cpe:2.3:a:digium:asterisk:15.1.3
  • Digium » Asterisk » Version: 15.1.4
    cpe:2.3:a:digium:asterisk:15.1.4
  • Digium » Asterisk » Version: 15.1.5
    cpe:2.3:a:digium:asterisk:15.1.5
  • Digium » Asterisk » Version: 15.2.0
    cpe:2.3:a:digium:asterisk:15.2.0
  • Digium » Asterisk » Version: 15.2.1
    cpe:2.3:a:digium:asterisk:15.2.1


Products
Pricing
Contact Us

Shodan ® - All rights reserved