CVE-2019-18351 – An issue was discovered in channels/chan_sip.c in Sangoma Asterisk through 13.29.1, throug …

5 March 2021

Vuln ID: CVE-2019-18351

Published: 2021-03-05 02:15:12Z

Description: An issue was discovered in channels/chan_sip.c in Sangoma Asterisk through 13.29.1, through 16.6.1, and through 17.0.0; and Certified Asterisk through 13.21-cert4. A SIP request can be sent to Asterisk that can change a SIP peer’s IP address. A REGISTER does not need to occur, and calls can be hijacked as a result. The only thing that needs to be known is the peer’s name; authentication details such as passwords do not need to be known. This vulnerability is only exploitable when the nat option is set to the default, or auto_force_rport.

Source: NVD.NIST.GOV

Date:

5 March 2021

Categorie(s):

NVD

Tag(s):

NVD

How To Get A Cybersecurity Job With No Experience23 April 2024
How to fix iCloud sync in seconds23 April 2024
Can VPNs Help Prevent Cyberattacks? [We Have The Answer]23 April 2024
A ‘substantial proportion’ of Americans exposed in Change Healthcare cyberattack23 April 2024
Top 10 things CISOs should know about AI security tools23 April 2024