ID
VAR-202410-1759
CVE
CVE-2024-49215
TITLE
Sangoma of Asterisk and certified asterisk Past traversal vulnerability in
Trust: 0.8
DESCRIPTION
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-49294. Reason: This candidate is a reservation duplicate of CVE-2023-49294. Notes: All CVE users should reference CVE-2023-49294 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. Sangoma of Asterisk and certified asterisk Exists in a past traversal vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state
Trust: 1.62
AFFECTED PRODUCTS
| vendor: | sangoma | model: | asterisk | scope: | - | version: | - | Trust: 0.8 |
| vendor: | sangoma | model: | certified asterisk | scope: | - | version: | - | Trust: 0.8 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||
|
|
PROBLEMTYPE DATA
| problemtype: | Path traversal (CWE-22) [NVD evaluation ] | Trust: 0.8 |
| problemtype: | Path traversal (CWE-22) [ others ] | Trust: 0.8 |
EXTERNAL IDS
| db: | NVD | id: | CVE-2024-49215 | Trust: 2.6 |
| db: | JVNDB | id: | JVNDB-2024-011079 | Trust: 0.8 |
REFERENCES
| url: | https://nvd.nist.gov/vuln/detail/cve-2024-49215 | Trust: 0.8 |
| url: | https://gist.github.com/hyp164d1/5d68b9b7a504f1416272a825ce65966a | Trust: 0.8 |
| url: | https://github.com/asterisk/asterisk/blob/20.5.0/main/manager.c#l3755 | Trust: 0.8 |
SOURCES
| db: | JVNDB | id: | JVNDB-2024-011079 |
| db: | NVD | id: | CVE-2024-49215 |
LAST UPDATE DATE
2024-12-10T23:04:47.726000+00:00
SOURCES UPDATE DATE
| db: | JVNDB | id: | JVNDB-2024-011079 | date: | 2024-10-25T01:12:00 |
| db: | NVD | id: | CVE-2024-49215 | date: | 2024-12-09T23:15:08.250 |
SOURCES RELEASE DATE
| db: | JVNDB | id: | JVNDB-2024-011079 | date: | 2024-10-25T00:00:00 |
| db: | NVD | id: | CVE-2024-49215 | date: | 2024-10-21T01:15:02.943 |