CVE-2021-31878

Source
https://nvd.nist.gov/vuln/detail/CVE-2021-31878
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-31878.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-31878
Related
Published
2021-07-30T14:15:16Z
Modified
2025-01-14T09:15:03.854748Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

An issue was discovered in PJSIP in Asterisk before 16.19.1 and before 18.5.1. To exploit, a re-INVITE without SDP must be received after Asterisk has sent a BYE request.

References

Affected packages

Git / github.com/asterisk/asterisk

Affected ranges

Type
GIT
Repo
https://github.com/asterisk/asterisk
Events

Affected versions

16.*

16.17.0
16.17.0-rc1
16.17.0-rc2
16.18.0
16.18.0-rc1
16.19.0
16.19.0-rc1

18.*

18.3.0
18.3.0-rc1
18.3.0-rc2
18.4.0
18.4.0-rc1
18.5.0
18.5.0-rc1