Vulnerability Details : CVE-2017-7617
Remote code execution can occur in Asterisk Open Source 13.x before 13.14.1 and 14.x before 14.3.1 and Certified Asterisk 13.13 before 13.13-cert3 because of a buffer overflow in a CDR user field, related to X-ClientCode in chan_sip, the CDR dialplan function, and the AMI Monitor action.
Vulnerability category: OverflowExecute code
Products affected by CVE-2017-7617
- cpe:2.3:a:digium:asterisk:13.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:13.2.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:13.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:13.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:13.1.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:13.1.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:13.0.0:*:*:*:lts:*:*:*
- cpe:2.3:a:digium:asterisk:13.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:13.5.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:13.7.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:13.7.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:13.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:13.4.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:13.3.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:13.6.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:13.10.0:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:13.0.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:13.0.0:beta2:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:13.0.0:beta3:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:13.7.2:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:13.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:13.8.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:13.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:13.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:13.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:13.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:13.9.0:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:13.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:13.10.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:13.11.0:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:13.7.1:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:13.8.2:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:13.9.1:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:13.13:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:14.0:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:14.1:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:14.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:13.12:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:14.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:14.2:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:14.01:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:14.02:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:13.11.1:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:13.12.1:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:13.12.2:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:14.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:14.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:14.0.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:14.0.0:beta2:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:14.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:13.11.2:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:13.12.0:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:14.0.0:rc1:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:14.0.0:rc2:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:13.13.0:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:14.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:14.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:13.14.0:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:14.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:digium:asterisk:14.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:digium:certified_asterisk:*:*:*:*:*:*:*:*
Threat overview for CVE-2017-7617
Top countries where our scanners detected CVE-2017-7617
Top open port discovered on systems with this issue
8088
IPs affected by CVE-2017-7617 8,281
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2017-7617!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2017-7617
18.44%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 95 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2017-7617
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
6.5
|
MEDIUM | AV:N/AC:L/Au:S/C:P/I:P/A:P |
8.0
|
6.4
|
NIST | |
|
8.8
|
HIGH | CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
2.8
|
5.9
|
NIST |
CWE ids for CVE-2017-7617
-
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.Assigned by: nvd@nist.gov (Primary)
References for CVE-2017-7617
-
http://www.securityfocus.com/bid/97377
Multiple Asterisk Products Remote Buffer Overflow VulnerabilityThird Party Advisory;VDB Entry
-
http://downloads.asterisk.org/pub/security/AST-2017-001.html
AST-2017-001Patch;Vendor Advisory
-
https://bugs.debian.org/859910
#859910 - asterisk: CVE-2017-7617: AST-2017-001: Buffer overflow in CDR's set user - Debian Bug report logsPatch;Third Party Advisory
Jump to