The DB dialplan function in Asterisk Open Source 1.8.x before 1.8.32, 11.x before 11.1.4.1, 12.x before 12.7.1, and 13.x before 13.0.1 and Certified Asterisk 1.8 before 1.8.28-cert8 and 11.6 before 11.6-cert8 allows remote authenticated users to gain privileges via a call from an external protocol, as demonstrated by the AMI protocol.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
http://downloads.asterisk.org/pub/security/AST-2014-018.html |
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2014-11-24T15:00:00
Updated: 2024-08-06T13:18:47.847Z
Reserved: 2014-10-22T00:00:00
Link: CVE-2014-8418
Vulnrichment
No data.
NVD
Status : Modified
Published: 2014-11-24T15:59:10.157
Modified: 2024-11-21T02:19:02.850
Link: CVE-2014-8418
Redhat
No data.