The DB dialplan function in Asterisk Open Source 1.8.x before 1.8.32, 11.x before 11.1.4.1, 12.x before 12.7.1, and 13.x before 13.0.1 and Certified Asterisk 1.8 before 1.8.28-cert8 and 11.6 before 11.6-cert8 allows remote authenticated users to gain privileges via a call from an external protocol, as demonstrated by the AMI protocol.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2014-11-24T15:00:00

Updated: 2024-08-06T13:18:47.847Z

Reserved: 2014-10-22T00:00:00

Link: CVE-2014-8418

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2014-11-24T15:59:10.157

Modified: 2024-11-21T02:19:02.850

Link: CVE-2014-8418

cve-icon Redhat

No data.