CVE-2014-4048

{"id": "CVE-2014-4048", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2014-06-17T14:55:08.017", "references": [{"url": "http://downloads.asterisk.org/pub/security/AST-2014-008.html", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://packetstormsecurity.com/files/127090/Asterisk-Project-Security-Advisory-AST-2014-008.html", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/532416/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://downloads.asterisk.org/pub/security/AST-2014-008.html", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://packetstormsecurity.com/files/127090/Asterisk-Project-Security-Advisory-AST-2014-008.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/archive/1/532416/100/0/threaded", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "The PJSIP Channel Driver in Asterisk Open Source before 12.3.1 allows remote attackers to cause a denial of service (deadlock) by terminating a subscription request before it is complete, which triggers a SIP transaction timeout."}, {"lang": "es", "value": "El controlador de canales PJSIP en Asterisk Open Source anterior a 12.3.1 permite a atacantes remotos causar una denegaci\u00f3n de servicio (bloqueo) mediante la terminaci\u00f3n de una solicitud de suscripci\u00f3n antes de que se haya completado, lo que provoca un timeout de la transacci\u00f3n SIP."}], "lastModified": "2025-04-12T10:46:40.837", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:digium:asterisk:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "63CB4F59-5EE5-4767-8303-090CCF64C185", "versionEndIncluding": "12.3.0"}, {"criteria": "cpe:2.3:a:digium:asterisk:12.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B446105E-6C8E-495A-BF83-A33CB33485A5"}, {"criteria": "cpe:2.3:a:digium:asterisk:12.1.0:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F3DE062D-4E87-4691-A664-D9E7C02036EB"}, {"criteria": "cpe:2.3:a:digium:asterisk:12.1.0:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3B4D6D24-A718-4962-AD4E-F19AFB03BFF4"}, {"criteria": "cpe:2.3:a:digium:asterisk:12.1.0:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BE2F0D0D-761C-4338-93F0-506E94E57000"}, {"criteria": "cpe:2.3:a:digium:asterisk:12.1.0:rc3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3D38DFCA-E357-4A28-8F03-FDADF40A5185"}, {"criteria": "cpe:2.3:a:digium:asterisk:12.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B3CD4A85-26FB-4AE5-9CB7-4DF38DF32482"}, {"criteria": "cpe:2.3:a:digium:asterisk:12.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F42C9442-9EBC-4CA5-AB1C-BA0662C27BDC"}, {"criteria": "cpe:2.3:a:digium:asterisk:12.2.0:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "71762B58-A08B-405B-9596-6D15CF4A95D0"}, {"criteria": "cpe:2.3:a:digium:asterisk:12.2.0:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EA48C05A-E898-42EE-A699-94BBD66E5E0A"}, {"criteria": "cpe:2.3:a:digium:asterisk:12.2.0:rc3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EDCB78F8-AAC8-44B1-BDF4-C73BC8951EC3"}, {"criteria": "cpe:2.3:a:digium:asterisk:12.3.0:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB5E92FB-9CF8-461E-A665-3407D265DF17"}, {"criteria": "cpe:2.3:a:digium:asterisk:12.3.0:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "536F6C10-3165-40F7-931A-23765AB87555"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}