CVE-2022-37325

CVSS V2 None CVSS V3 None
Description
In Sangoma Asterisk through 16.28.0, 17.x and 18.x through 18.14.0, and 19.x through 19.6.0, an incoming Setup message to addons/ooh323c/src/ooq931.c with a malformed Calling or Called Party IE can cause a crash.
Overview
  • CVE ID
  • CVE-2022-37325
  • Assigner
  • cve@mitre.org
  • Vulnerability Status
  • Modified
  • Published Version
  • 2022-12-05T21:15:10
  • Last Modified Date
  • 2023-02-24T00:15:11
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:sangoma:asterisk:*:*:*:*:*:*:*:* 1 OR 16.0.0 16.29.1
cpe:2.3:a:sangoma:asterisk:*:*:*:*:*:*:*:* 1 OR 18.0.0 18.15.1
cpe:2.3:a:sangoma:asterisk:*:*:*:*:*:*:*:* 1 OR 19.0.0 19.7.1
cpe:2.3:a:sangoma:asterisk:20.0.0:*:*:*:*:*:*:* 1 OR
History
Created Old Value New Value Data Type Notes
2022-12-07 18:06:36 Added to TrackCVE
2023-02-23 01:18:14 2022-12-05T21:15:10.073 2022-12-05T21:15:10 CVE Published Date updated
2023-02-23 01:18:14 2023-02-23T01:15:10 CVE Modified Date updated
2023-02-23 01:18:14 Analyzed Modified Vulnerability Status updated
2023-02-23 01:18:15 References updated
2023-02-24 00:19:34 2023-02-24T00:15:11 CVE Modified Date updated
2023-02-24 00:19:36 References updated