Details of VAR-201911-1169

ID

VAR-201911-1169

CVE

CVE-2019-18610

TITLE

Sangoma Asterisk and Certified Asterisk Vulnerabilities related to lack of authentication

Trust: 0.8

sources: JVNDB: JVNDB-2019-012584

DESCRIPTION

An issue was discovered in manager.c in Sangoma Asterisk through 13.x, 16.x, 17.x and Certified Asterisk 13.21 through 13.21-cert4. A remote authenticated Asterisk Manager Interface (AMI) user without system authorization could use a specially crafted Originate AMI request to execute arbitrary system commands. Refer to the vendor information and take appropriate measures. Sangoma Technologies Asterisk is an open source telephone exchange (PBX) system software. The software supports voice mail, multi-party voice conferencing, interactive voice response (IVR), and more. Affected Versions Product Release Series Asterisk Open Source 13.x All releases Asterisk Open Source 16.x All releases Asterisk Open Source 17.x All releases Certified Asterisk 13.21 All releases Corrected In Product Release Asterisk Open Source 13.29.2 Asterisk Open Source 16.6.2 Asterisk Open Source 17.0.1 Certified Asterisk 13.21-cert5 Patches SVN URL Revision http://downloads.asterisk.org/pub/security/AST-2019-007-13.diff Asterisk 13 http://downloads.asterisk.org/pub/security/AST-2019-007-16.diff Asterisk 16 http://downloads.asterisk.org/pub/security/AST-2019-007-17.diff Asterisk 17 http://downloads.asterisk.org/pub/security/AST-2019-007-13.21.diff Certified Asterisk 13.21-cert5 Links https://issues.asterisk.org/jira/browse/ASTERISK-28580 Asterisk Project Security Advisories are posted at http://www.asterisk.org/security This document may be superseded by later versions; if so, the latest version will be posted at http://downloads.digium.com/pub/security/AST-2019-007.pdf and http://downloads.digium.com/pub/security/AST-2019-007.html Revision History Date Editor Revisions Made October 24, 2019 George Joseph Initial Revision November 21, 2019 Ben Ford Added “Posted On” date Asterisk Project Security Advisory - AST-2019-007 Copyright © 2019 Digium, Inc. All Rights Reserved. Permission is hereby granted to distribute and publish this advisory in its original, unaltered form

Trust: 2.25

sources: NVD: CVE-2019-18610 // JVNDB: JVNDB-2019-012584 // CNVD: CNVD-2020-03060 // PACKETSTORM: 155435

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2020-03060

AFFECTED PRODUCTS

vendor:	digium	model:	asterisk	scope:	lt	version:	13.29.2	Trust: 1.0
vendor:	digium	model:	certified asterisk	scope:	eq	version:	13.21.0	Trust: 1.0
vendor:	digium	model:	asterisk	scope:	gte	version:	16.0.0	Trust: 1.0
vendor:	digium	model:	asterisk	scope:	lt	version:	16.6.2	Trust: 1.0
vendor:	digium	model:	asterisk	scope:	gte	version:	17.0.0	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	8.0	Trust: 1.0
vendor:	digium	model:	asterisk	scope:	gte	version:	13.0.0	Trust: 1.0
vendor:	debian	model:	linux	scope:	eq	version:	9.0	Trust: 1.0
vendor:	digium	model:	asterisk	scope:	lt	version:	17.0.1	Trust: 1.0
vendor:	debian	model:	gnu/linux	scope:	-	version:	-	Trust: 0.8
vendor:	digium	model:	asterisk	scope:	lte	version:	13.x	Trust: 0.8
vendor:	digium	model:	asterisk	scope:	eq	version:	16.x	Trust: 0.8
vendor:	digium	model:	asterisk	scope:	eq	version:	17.x	Trust: 0.8
vendor:	digium	model:	certified asterisk	scope:	eq	version:	13.21 to 13.21-cert4	Trust: 0.8
vendor:	sangoma	model:	asterisk	scope:	lte	version:	<=13.*	Trust: 0.6
vendor:	sangoma	model:	asterisk	scope:	lte	version:	<=16.*	Trust: 0.6
vendor:	sangoma	model:	asterisk	scope:	lte	version:	<=17.*	Trust: 0.6
vendor:	sangoma	model:	certified asterisk	scope:	eq	version:	13.21	Trust: 0.6
vendor:	sangoma	model:	certified asterisk 13.21-cert4	scope:	-	version:	-	Trust: 0.6

sources: CNVD: CNVD-2020-03060 // JVNDB: JVNDB-2019-012584 // NVD: CVE-2019-18610

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-18610
value:	HIGH
Trust: 1.0
NVD:	CVE-2019-18610
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2020-03060
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201911-1290
value:	HIGH
Trust: 0.6

nvd@nist.gov:	CVE-2019-18610
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2020-03060
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2019-18610
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2019-18610
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2020-03060 // JVNDB: JVNDB-2019-012584 // CNNVD: CNNVD-201911-1290 // NVD: CVE-2019-18610

PROBLEMTYPE DATA

problemtype:

CWE-862

Trust: 1.8

sources: JVNDB: JVNDB-2019-012584 // NVD: CVE-2019-18610

THREAT TYPE

remote

Trust: 0.7

sources: PACKETSTORM: 155435 // CNNVD: CNNVD-201911-1290

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-201911-1290

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-012584

PATCH

title:	Security Advisories	url:	https://www.asterisk.org/downloads/security-advisories	Trust: 0.8
title:	AST-2019-007	url:	http://downloads.asterisk.org/pub/security/AST-2019-007.html	Trust: 0.8
title:	[SECURITY] [DLA 2017-1] asterisk security update	url:	https://lists.debian.org/debian-lts-announce/2019/11/msg00038.html	Trust: 0.8
title:	Patch for Sangoma Technologies Asterisk and Sangoma Technologies Certified Asterisk Command Execution Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/196957	Trust: 0.6
title:	Sangoma Technologies Asterisk and Sangoma Technologies Certified Asterisk Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=104055	Trust: 0.6

sources: CNVD: CNVD-2020-03060 // JVNDB: JVNDB-2019-012584 // CNNVD: CNNVD-201911-1290

EXTERNAL IDS

db:	NVD	id:	CVE-2019-18610	Trust: 3.1
db:	JVNDB	id:	JVNDB-2019-012584	Trust: 0.8
db:	PACKETSTORM	id:	155435	Trust: 0.7
db:	CNVD	id:	CNVD-2020-03060	Trust: 0.6
db:	AUSCERT	id:	ESB-2019.4526	Trust: 0.6
db:	AUSCERT	id:	ESB-2019.4421	Trust: 0.6
db:	CNNVD	id:	CNNVD-201911-1290	Trust: 0.6

sources: CNVD: CNVD-2020-03060 // JVNDB: JVNDB-2019-012584 // PACKETSTORM: 155435 // CNNVD: CNNVD-201911-1290 // NVD: CVE-2019-18610

REFERENCES

url:	http://downloads.asterisk.org/pub/security/ast-2019-007.html	Trust: 2.2
url:	https://www.asterisk.org/downloads/security-advisories	Trust: 1.6
url:	https://lists.debian.org/debian-lts-announce/2022/04/msg00001.html	Trust: 1.6
url:	https://lists.debian.org/debian-lts-announce/2019/11/msg00038.html	Trust: 1.6
url:	https://nvd.nist.gov/vuln/detail/cve-2019-18610	Trust: 1.5
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-18610	Trust: 0.8
url:	https://seclists.org/fulldisclosure/2019/nov/19	Trust: 0.6
url:	http://downloads.asterisk.org/pub/security/ast-2019-008.html	Trust: 0.6
url:	http://downloads.asterisk.org/pub/security/ast-2019-006.html	Trust: 0.6
url:	https://lists.debian.org/debian-lts-announce/2019/11/msg00038.html second message url unavailable at time of publishing	Trust: 0.6
url:	https://vigilance.fr/vulnerability/asterisk-privilege-escalation-via-ami-originate-request-30936	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2019.4526/	Trust: 0.6
url:	https://packetstormsecurity.com/files/155435/asterisk-project-security-advisory-ast-2019-007.html	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2019.4421/	Trust: 0.6
url:	http://downloads.digium.com/pub/security/ast-2019-007.pdf	Trust: 0.1
url:	http://downloads.digium.com/pub/security/ast-2019-007.html	Trust: 0.1
url:	http://www.asterisk.org/security	Trust: 0.1
url:	http://downloads.asterisk.org/pub/security/ast-2019-007-13.diff	Trust: 0.1
url:	http://downloads.asterisk.org/pub/security/ast-2019-007-17.diff	Trust: 0.1
url:	https://issues.asterisk.org/jira/browse/asterisk-28580	Trust: 0.1
url:	http://downloads.asterisk.org/pub/security/ast-2019-007-16.diff	Trust: 0.1
url:	http://downloads.asterisk.org/pub/security/ast-2019-007-13.21.diff	Trust: 0.1

sources: CNVD: CNVD-2020-03060 // JVNDB: JVNDB-2019-012584 // PACKETSTORM: 155435 // CNNVD: CNNVD-201911-1290 // NVD: CVE-2019-18610

CREDITS

gjoseph

Trust: 0.7

sources: PACKETSTORM: 155435 // CNNVD: CNNVD-201911-1290

SOURCES

db:	CNVD	id:	CNVD-2020-03060
db:	JVNDB	id:	JVNDB-2019-012584
db:	PACKETSTORM	id:	155435
db:	CNNVD	id:	CNNVD-201911-1290
db:	NVD	id:	CVE-2019-18610

LAST UPDATE DATE

2024-11-23T21:52:07.630000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2020-03060	date:	2020-01-21T00:00:00
db:	JVNDB	id:	JVNDB-2019-012584	date:	2019-12-05T00:00:00
db:	CNNVD	id:	CNNVD-201911-1290	date:	2022-04-06T00:00:00
db:	NVD	id:	CVE-2019-18610	date:	2024-11-21T04:33:21.593

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2020-03060	date:	2020-01-14T00:00:00
db:	JVNDB	id:	JVNDB-2019-012584	date:	2019-12-05T00:00:00
db:	PACKETSTORM	id:	155435	date:	2019-11-21T23:30:33
db:	CNNVD	id:	CNNVD-201911-1290	date:	2019-11-21T00:00:00
db:	NVD	id:	CVE-2019-18610	date:	2019-11-22T18:15:11.030