Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2021-26717

An issue was discovered in Sangoma Asterisk 16.x before 16.16.1, 17.x before 17.9.2, and 18.x before 18.2.1 and Certified Asterisk before 16.8-cert6. When re-negotiating for T.38, if the initial remote response was delayed just enough, Asterisk would send both audio and T.38 in the SDP. If this happened, and the remote responded with a declined T.38 stream, then Asterisk would crash.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 54.9%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
Products affected by CVE-2021-26717
  • Digium » Asterisk » Version: 16.0.0
    cpe:2.3:a:digium:asterisk:16.0.0
  • Digium » Asterisk » Version: 16.0.1
    cpe:2.3:a:digium:asterisk:16.0.1
  • Digium » Asterisk » Version: 16.1.0
    cpe:2.3:a:digium:asterisk:16.1.0
  • Digium » Asterisk » Version: 16.15.0
    cpe:2.3:a:digium:asterisk:16.15.0
  • Digium » Asterisk » Version: 16.15.1
    cpe:2.3:a:digium:asterisk:16.15.1
  • Digium » Asterisk » Version: 16.2.0
    cpe:2.3:a:digium:asterisk:16.2.0
  • Digium » Asterisk » Version: 16.2.1
    cpe:2.3:a:digium:asterisk:16.2.1
  • Digium » Asterisk » Version: 16.3.0
    cpe:2.3:a:digium:asterisk:16.3.0
  • Digium » Asterisk » Version: 16.4.0
    cpe:2.3:a:digium:asterisk:16.4.0
  • Digium » Asterisk » Version: 16.4.1
    cpe:2.3:a:digium:asterisk:16.4.1
  • Digium » Asterisk » Version: 16.5.0
    cpe:2.3:a:digium:asterisk:16.5.0
  • Digium » Asterisk » Version: 16.5.1
    cpe:2.3:a:digium:asterisk:16.5.1
  • Digium » Asterisk » Version: 16.6.0
    cpe:2.3:a:digium:asterisk:16.6.0
  • Digium » Asterisk » Version: 16.6.1
    cpe:2.3:a:digium:asterisk:16.6.1
  • Digium » Asterisk » Version: 16.6.2
    cpe:2.3:a:digium:asterisk:16.6.2
  • Digium » Asterisk » Version: 17.0.0
    cpe:2.3:a:digium:asterisk:17.0.0
  • Digium » Asterisk » Version: 17.0.1
    cpe:2.3:a:digium:asterisk:17.0.1
  • Digium » Asterisk » Version: 17.1.0
    cpe:2.3:a:digium:asterisk:17.1.0
  • Digium » Asterisk » Version: 17.2.0
    cpe:2.3:a:digium:asterisk:17.2.0
  • Digium » Asterisk » Version: 17.3.0
    cpe:2.3:a:digium:asterisk:17.3.0
  • Digium » Asterisk » Version: 17.4.0
    cpe:2.3:a:digium:asterisk:17.4.0
  • Digium » Asterisk » Version: 17.5.0
    cpe:2.3:a:digium:asterisk:17.5.0
  • Digium » Asterisk » Version: 17.5.1
    cpe:2.3:a:digium:asterisk:17.5.1
  • Digium » Asterisk » Version: 17.6.0
    cpe:2.3:a:digium:asterisk:17.6.0
  • Digium » Asterisk » Version: 17.7.0
    cpe:2.3:a:digium:asterisk:17.7.0
  • Digium » Asterisk » Version: 17.7.7
    cpe:2.3:a:digium:asterisk:17.7.7
  • Digium » Asterisk » Version: 17.8.0
    cpe:2.3:a:digium:asterisk:17.8.0
  • Digium » Asterisk » Version: 17.8.1
    cpe:2.3:a:digium:asterisk:17.8.1
  • Digium » Asterisk » Version: 17.9.0
    cpe:2.3:a:digium:asterisk:17.9.0
  • Digium » Asterisk » Version: 17.9.1
    cpe:2.3:a:digium:asterisk:17.9.1
  • Digium » Asterisk » Version: 18.0
    cpe:2.3:a:digium:asterisk:18.0
  • Digium » Asterisk » Version: 18.0.0
    cpe:2.3:a:digium:asterisk:18.0.0
  • Digium » Asterisk » Version: 18.0.1
    cpe:2.3:a:digium:asterisk:18.0.1
  • Digium » Asterisk » Version: 18.1.0
    cpe:2.3:a:digium:asterisk:18.1.0
  • Digium » Asterisk » Version: 18.1.1
    cpe:2.3:a:digium:asterisk:18.1.1
  • Digium » Asterisk » Version: 18.2.0
    cpe:2.3:a:digium:asterisk:18.2.0
  • Digium » Certified Asterisk » Version: 16.8
    cpe:2.3:a:digium:certified_asterisk:16.8


Products
Pricing
Contact Us

Shodan ® - All rights reserved