DEBIAN-CVE-2014-8413

See a problem?
Please try reporting it to the source first.

Source

https://security-tracker.debian.org/tracker/CVE-2014-8413

Import Source

https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2014-8413.json

JSON Data

https://api.osv.dev/v1/vulns/DEBIAN-CVE-2014-8413

Upstream

CVE-2014-8413

Published

2014-11-24T15:59:05.310Z

Modified

2025-11-19T02:02:48.856625Z

Summary

[none]

Details

The respjsipacl module in Asterisk Open Source 12.x before 12.7.1 and 13.x before 13.0.1 does not properly create and load ACLs defined in pjsip.conf at startup, which allows remote attackers to bypass intended PJSIP ACL rules.

References

https://security-tracker.debian.org/tracker/CVE-2014-8413

Affected packages

Debian:11 / asterisk

Package

Name: asterisk
Purl: pkg:deb/debian/asterisk?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:13.1.0~dfsg-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2014-8413.json"