Vulnerability Details : CVE-2018-7285
A NULL pointer access issue was discovered in Asterisk 15.x through 15.2.1. The RTP support in Asterisk maintains its own registry of dynamic codecs and desired payload numbers. While an SDP negotiation may result in a codec using a different payload number, these desired ones are still stored internally. When an RTP packet was received, this registry would be consulted if the payload number was not found in the negotiated SDP. This registry was incorrectly consulted for all packets, even those which are dynamic. If the payload number resulted in a codec of a different type than the RTP stream (for example, the payload number resulted in a video codec but the stream carried audio), a crash could occur if no stream of that type had been negotiated. This was due to the code incorrectly assuming that a stream of that type would always exist.
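The lookup order and the missing check described above, as an added model written for this page; it is not Asterisk's own code and none of the names (media_type, session, rtp_receive_unchecked, rtp_receive_checked, the payload numbers and registry contents) come from the project. An audio-only call is constructed with PCMU negotiated as payload 0 while the internal "desired" registry still maps dynamic payload 96 to a video codec; the unchecked path then selects a video stream that was never negotiated, and the hardened path drops the packet instead.

```c
#include <stddef.h>
#include <stdio.h>

/* Added model of the receive path described in the advisory text; hypothetical
 * names and data throughout, not Asterisk source. */

enum media_type { MEDIA_AUDIO, MEDIA_VIDEO };

struct codec {
    const char *name;
    enum media_type type;
};

struct stream {
    enum media_type type;
    unsigned long packets;   /* field the receive path touches: the crashing dereference */
};

struct payload_map {
    int pt;                  /* RTP payload type number */
    const struct codec *codec;
};

struct session {
    struct stream *audio;    /* NULL when no audio stream was negotiated */
    struct stream *video;    /* NULL when no video stream was negotiated */
    const struct payload_map *negotiated; /* payload numbers agreed in SDP */
    size_t n_negotiated;
};

static const struct codec codec_pcmu = { "PCMU", MEDIA_AUDIO };
static const struct codec codec_opus = { "opus", MEDIA_AUDIO };
static const struct codec codec_h264 = { "H264", MEDIA_VIDEO };

/* Internal registry of desired dynamic payload numbers (constructed contents).
 * It survives SDP negotiation even when the peer agreed on different numbers. */
static const struct payload_map desired_registry[] = {
    { 96, &codec_h264 },
    { 97, &codec_opus },
};

static const struct codec *find_pt(const struct payload_map *m, size_t n, int pt)
{
    for (size_t i = 0; i < n; i++)
        if (m[i].pt == pt)
            return m[i].codec;
    return NULL;
}

/* Lookup order from the description: negotiated SDP first, then the desired registry,
 * consulted for every payload number including the dynamic range. */
static const struct codec *lookup_payload(const struct session *s, int pt)
{
    const struct codec *c = find_pt(s->negotiated, s->n_negotiated, pt);
    size_t n = sizeof desired_registry / sizeof desired_registry[0];
    return c ? c : find_pt(desired_registry, n, pt);
}

static struct stream *stream_for_type(const struct session *s, enum media_type t)
{
    return t == MEDIA_AUDIO ? s->audio : s->video;
}

/* Pre-fix shape of the logic: assume a stream of the codec's type always exists.
 * The pointer is returned rather than dereferenced so the model runs safely;
 * the flawed code went on to use it (target->packets++), which is the NULL
 * dereference when that stream was never negotiated. */
struct stream *rtp_receive_unchecked(struct session *s, int pt)
{
    const struct codec *c = lookup_payload(s, pt);
    if (!c)
        return NULL;             /* unknown payload: nothing to deliver */
    return stream_for_type(s, c->type);
}

enum rx_result { RX_DELIVERED, RX_DROP_UNKNOWN_PT, RX_DROP_NO_STREAM, RX_DROP_TYPE_MISMATCH };

/* Hardened receive path: verify a stream of the codec's type exists, and that it is
 * the stream the packet arrived on, before touching it. */
enum rx_result rtp_receive_checked(struct session *s, enum media_type arrived_on, int pt)
{
    const struct codec *c = lookup_payload(s, pt);
    if (!c)
        return RX_DROP_UNKNOWN_PT;
    struct stream *target = stream_for_type(s, c->type);
    if (!target)
        return RX_DROP_NO_STREAM;        /* the check the vulnerable code lacked */
    if (target->type != arrived_on)
        return RX_DROP_TYPE_MISMATCH;    /* e.g. video codec seen on the audio stream */
    target->packets++;
    return RX_DELIVERED;
}

/* Constructed scenarios: an audio-only call (PCMU as payload 0) and an audio+video call. */
static struct stream g_audio = { MEDIA_AUDIO, 0 };
static struct stream g_video = { MEDIA_VIDEO, 0 };
static const struct payload_map g_negotiated[] = { { 0, &codec_pcmu } };
struct session audio_only_call = { &g_audio, NULL, g_negotiated, 1 };
struct session av_call = { &g_audio, &g_video, g_negotiated, 1 };

int main(void)
{
    struct stream *t = rtp_receive_unchecked(&audio_only_call, 96);
    printf("unchecked path for pt 96 would dereference: %s\n", t ? "valid stream" : "NULL");
    printf("checked path for pt 96: %d (2 = dropped, no stream)\n",
           rtp_receive_checked(&audio_only_call, MEDIA_AUDIO, 96));
    return 0;
}
```

Payload 96 is not in the negotiated set, so the registry answers with a video codec; on the audio-only call that yields a NULL stream pointer, which the hardened path rejects with RX_DROP_NO_STREAM rather than dereferencing.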
Products affected by CVE-2018-7285
- cpe:2.3:a:digium:asterisk:*:*:*:*:*:*:*:*
Threat overview for CVE-2018-7285
- Top open port discovered on systems with this issue: 22
- IPs affected by CVE-2018-7285: 67
- Threat actors abusing this issue: Yes
Exploit prediction scoring system (EPSS) score for CVE-2018-7285
- EPSS score: 1.69% (probability of exploitation activity in the next 30 days)
- Percentile: ~86% (the proportion of vulnerabilities scored at or below this one)
CVSS scores for CVE-2018-7285
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen
---|---|---|---|---|---|---
5.0 | MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P | 10.0 | 2.9 | NIST | 
7.5 | HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | 3.9 | 3.6 | NIST | 
CWE ids for CVE-2018-7285
- NULL pointer dereference: the product dereferences a pointer that it expects to be valid but is NULL. Assigned by: nvd@nist.gov (Primary)
References for CVE-2018-7285
- http://www.securitytracker.com/id/1040415 : Asterisk Payload Negotiation Error Lets Remote Users Cause the Target Service to Crash (SecurityTracker). Third Party Advisory; VDB Entry
- http://downloads.asterisk.org/pub/security/AST-2018-001.html : AST-2018-001. Patch; Vendor Advisory
- http://www.securityfocus.com/bid/103149 : Asterisk Open Source CVE-2018-7285 Denial of Service Vulnerability. Third Party Advisory; VDB Entry