GCVE - cpe:2.3:a:asterisk:business_edition:c.3.0:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:asterisk:business_edition:c.3.0:*:*:*:*:*:*:*

part: a version: c.3.0 update: *

Vendor	Asterisk (`8cf0208b-fb97-57c9-94a0-6da40e548dcd`)
Product	Business Edition (`98e2c821-3dcd-59d7-8484-cb6ed9a5b33f`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2012-2186`	vulnerable	2026-06-03 14:31:46.833224	Details available Incomplete blacklist vulnerability in main/manager.c in Asterisk Open Source 1.8.x before 1.8.15.1 and 10.x before 10.7.1, Certified Asterisk 1.8.11 before 1.8.11-cert6, Asterisk Digiumphones 10.x.x-digiumphones before 10.7.1-digiumphones, and Asterisk Business Edition C.3.x before C.3.7.6 allows remote authenticated users to execute arbitrary commands by leveraging originate privileges and providing an ExternalIVR value in an AMI Originate action. Published: 2012-08-31T14:00:00.000Z Updated: 2024-08-06T19:26:08.975Z Open on db.gcve.eu Reference links http://secunia.com/advisories/50687 http://secunia.com/advisories/50756 http://www.debian.org/security/2012/dsa-2550 http://downloads.asterisk.org/pub/security/AST-2012-012.html http://www.securitytracker.com/id?1027460	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.