Vulnerability Details CVE-2019-7251
An Integer Signedness issue (for a return code) in the res_pjsip_sdp_rtp module in Digium Asterisk versions 15.7.1 and earlier and 16.1.1 and earlier allows remote authenticated users to crash Asterisk via a specially crafted SDP protocol violation.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.046
EPSS Ranking 88.9%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.0
References
Products affected by CVE-2019-7251
-
cpe:2.3:a:digium:asterisk:15.0.0
-
cpe:2.3:a:digium:asterisk:15.1.0
-
cpe:2.3:a:digium:asterisk:15.1.1
-
cpe:2.3:a:digium:asterisk:15.1.2
-
cpe:2.3:a:digium:asterisk:15.1.3
-
cpe:2.3:a:digium:asterisk:15.1.4
-
cpe:2.3:a:digium:asterisk:15.1.5
-
cpe:2.3:a:digium:asterisk:15.2.0
-
cpe:2.3:a:digium:asterisk:15.2.1
-
cpe:2.3:a:digium:asterisk:15.2.2
-
cpe:2.3:a:digium:asterisk:15.3.0
-
cpe:2.3:a:digium:asterisk:15.4.0
-
cpe:2.3:a:digium:asterisk:15.4.1
-
cpe:2.3:a:digium:asterisk:15.5.0
-
cpe:2.3:a:digium:asterisk:15.6.0
-
cpe:2.3:a:digium:asterisk:15.6.1
-
cpe:2.3:a:digium:asterisk:15.6.2
-
cpe:2.3:a:digium:asterisk:15.7.0
-
cpe:2.3:a:digium:asterisk:15.7.1
-
cpe:2.3:a:digium:asterisk:16.0.0
-
cpe:2.3:a:digium:asterisk:16.0.1
-
cpe:2.3:a:digium:asterisk:16.1.0
-
cpe:2.3:a:digium:asterisk:16.2.0