Network Access Vulnerability in Asterisk by Digium
CVE-2009-3723

7.5HIGH

Key Information:

Vendor

Asterisk

Status
Asterisk
Vendor
CVE Published:
29 October 2019

What is CVE-2009-3723?

Asterisk, an open-source communication software, contains a vulnerability that allows unauthorized calls to be made over networks that are typically restricted. This could lead to significant security risks as calls could be established on prohibited networks, undermining the integrity and confidentiality of communication. It is essential for users running Asterisk to implement appropriate security measures to mitigate the potential misuse associated with this vulnerability.

Affected Version(s)

asterisk All 1.6.1 versions

References

https://security-tracker.debian.org/tracker/CVE-2009-3723
x_refsource_MISC
https://access.redhat.com/security/cve/cve-2009-3723
x_refsource_MISC
http://downloads.asterisk.org/pub/security/AST-2009-007.html
x_refsource_MISC

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.