Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The res_pjsip_acl module in Asterisk Open Source 12.x before 12.7.1 and 13.x before 13.0.1 does not properly create and load ACLs defined in pjsip.conf at startup, which allows remote attackers to bypass intended PJSIP ACL rules.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Digium Asterisk Open Source 权限许可和访问控制漏洞
Vulnerability Description
Digium Asterisk Open Source是美国Digium公司的一套开源的电话交换机(PBX)系统软件。该软件支持语音信箱、多方语音会议、交互式语音应答(IVR)等。 Digium Asterisk Open Source 12.7.0及之前版本和13.0.0及之前版本的res_pjsip_acl模块中存在安全漏洞,该漏洞源于程序启动时没有正确创建和加载pjsip.conf文件中定义的ACLs。远程攻击者可利用该漏洞绕过既定的PJSIP ACL规则。
CVSS Information
N/A
Vulnerability Type
N/A