National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Vulnerability Change Record for CVE-2017-16671

Change History

Initial Analysis - 12/4/2017 2:28:13 PM

Action Type Old Value New Value
Changed Reference Type
http://downloads.digium.com/pub/security/AST-2017-010.html No Types Assigned
http://downloads.digium.com/pub/security/AST-2017-010.html Vendor Advisory
Changed Reference Type
http://www.securityfocus.com/bid/101760 No Types Assigned
http://www.securityfocus.com/bid/101760 Third Party Advisory, VDB Entry
Changed Reference Type
https://issues.asterisk.org/jira/browse/ASTERISK-27337 No Types Assigned
https://issues.asterisk.org/jira/browse/ASTERISK-27337 Issue Tracking, Vendor Advisory
Added CWE
CWE-119
Added CVSS V2
(AV:N/AC:L/Au:S/C:P/I:P/A:P)
Added CVSS V3
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Added CPE Configuration
OR
     *cpe:2.3:a:digium:asterisk:*:*:*:*:*:*:*:* versions from (including) 13.0.0 up to (excluding) 13.18.1
     *cpe:2.3:a:digium:asterisk:*:*:*:*:*:*:*:* versions from (including) 14.0.0 up to (excluding) 14.7.1
     *cpe:2.3:a:digium:asterisk:*:*:*:*:*:*:*:* versions from (including) 15.0.0 up to (excluding) 15.1.1
Added CPE Configuration
OR
     *cpe:2.3:a:digium:certified_asterisk:13.13.0:*:*:*:*:*:*:*
     *cpe:2.3:a:digium:certified_asterisk:13.13.0:cert1:*:*:*:*:*:*
     *cpe:2.3:a:digium:certified_asterisk:13.13.0:cert1_rc1:*:*:*:*:*:*
     *cpe:2.3:a:digium:certified_asterisk:13.13.0:cert1_rc2:*:*:*:*:*:*
     *cpe:2.3:a:digium:certified_asterisk:13.13.0:cert1_rc3:*:*:*:*:*:*
     *cpe:2.3:a:digium:certified_asterisk:13.13.0:cert1_rc4:*:*:*:*:*:*
     *cpe:2.3:a:digium:certified_asterisk:13.13.0:cert2:*:*:*:*:*:*
     *cpe:2.3:a:digium:certified_asterisk:13.13.0:cert3:*:*:*:*:*:*
     *cpe:2.3:a:digium:certified_asterisk:13.13.0:cert4:*:*:*:*:*:*
     *cpe:2.3:a:digium:certified_asterisk:13.13.0:cert5:*:*:*:*:*:*
     *cpe:2.3:a:digium:certified_asterisk:13.13.0:cert6:*:*:*:*:*:*