CVE-2021-46837

Published Aug 30, 2022

Last updated 2 years ago

CVSS medium 6.5

Overview

Description: res_pjsip_t38 in Sangoma Asterisk 16.x before 16.16.2, 17.x before 17.9.3, and 18.x before 18.2.2, and Certified Asterisk before 16.8-cert7, allows an attacker to trigger a crash by sending an m=image line and zero port in a response to a T.38 re-invite initiated by Asterisk. This is a re-occurrence of the CVE-2019-15297 symptoms but not for exactly the same reason. The crash occurs because there is an append operation relative to the active topology, but this should instead be a replace operation.
Source: cve@mitre.org
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 6.5
Impact score: 3.6
Exploitability score: 2.8
Vector string: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Severity: MEDIUM

Weaknesses

nvd@nist.gov: CWE-476

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:asterisk:certified_asterisk:16.8.0:-:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "335EF1B5-AD89-48E2-AB2C-BF376BC36F77"
          },
          {
            "criteria": "cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E64BCD44-2298-4710-9CC3-DF82E6A8DF94"
          },
          {
            "criteria": "cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A35C117A-6EFB-42EB-AD2A-EA7866606927"
          },
          {
            "criteria": "cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "40003CBE-792F-4875-9E60-6F1CE0BBAA8E"
          },
          {
            "criteria": "cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "46A7AA7B-13F2-496A-99ED-1CC13234E8CB"
          },
          {
            "criteria": "cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "147663CB-B48D-4D89-96BF-F92FF96F347F"
          },
          {
            "criteria": "cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "27DBBC83-930A-4ECE-8C1E-47481D881B0D"
          },
          {
            "criteria": "cpe:2.3:a:digium:asterisk:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E6D5A9E8-239F-492C-95AD-7CF2AB964D87",
            "versionEndExcluding": "16.16.2",
            "versionStartIncluding": "16.0.0"
          },
          {
            "criteria": "cpe:2.3:a:digium:asterisk:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9CA36883-D695-47A1-8CA7-2F128BFA194D",
            "versionEndExcluding": "17.9.3",
            "versionStartIncluding": "17.0.0"
          },
          {
            "criteria": "cpe:2.3:a:digium:asterisk:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8DEE180D-A041-42AB-AE5E-DDBD9CF0AACF",
            "versionEndExcluding": "18.2.2",
            "versionStartIncluding": "18.0.0"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252"
          },
          {
            "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"
          },
          {
            "criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References