CVE-2012-4737

NONECVSS 0.0

0.0

channels/chan_iax2.c in Asterisk Open Source 1.8.x before 1.8.15.1 and 10.x before 10.7.1, Certified Asterisk 1.8.11 before 1.8.11-cert7, Asterisk Digiumphones 10.x.x-digiumphones before 10.7.1-digiumphones, and Asterisk Business Edition C.3.x before C.3.7.6 does not enforce ACL rules during certain uses of peer credentials, which allows remote authenticated users to bypass intended outbound-call restrictions by leveraging the availability of these credentials.

🔗 References (12)

cve@mitrehttp://downloads.asterisk.org/pub/security/AST-2012-013.html
cve@mitrehttp://secunia.com/advisories/50687
cve@mitrehttp://secunia.com/advisories/50756
cve@mitrehttp://www.debian.org/security/2012/dsa-2550
cve@mitrehttp://www.securityfocus.com/bid/55335
cve@mitrehttp://www.securitytracker.com/id?1027461
af854a3a-2127-422b-91ae-364da2661108http://downloads.asterisk.org/pub/security/AST-2012-013.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/50687
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/50756
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2012/dsa-2550
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/55335
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1027461

Is Your Infrastructure Affected by CVE-2012-4737?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2012-4737

📅 Published

🔄 Last Modified

🔗 References (12)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2012-4737?