CVE-2023-49786

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

sterisk is an open source private branch exchange and telephony toolkit. In Asterisk prior to versions 18.20.1, 20.5.1, and 21.0.1; as well as certified-asterisk prior to 18.9-cert6; Asterisk is susceptible to a DoS due to a race condition in the hello handshake phase of the DTLS protocol when handling DTLS-SRTP for media setup. This attack can be done continuously, thus denying new DTLS-SRTP encrypted calls during the attack. Abuse of this vulnerability may lead to a massive Denial of Service on vulnerable Asterisk servers for calls that rely on DTLS-SRTP. Commit d7d7764cb07c8a1872804321302ef93bf62cba05 contains a fix, which is part of versions 18.20.1, 20.5.1, 21.0.1, amd 18.9-cert6.

References

Link	Resource
http://packetstormsecurity.com/files/176251/Asterisk-20.1.0-Denial-Of-Service.html	Exploit Third Party Advisory VDB Entry
http://seclists.org/fulldisclosure/2023/Dec/24	Exploit Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2023/12/15/7	Exploit Mailing List
https://github.com/EnableSecurity/advisories/tree/master/ES2023-01-asterisk-dtls-hello-race	Exploit
https://github.com/asterisk/asterisk/commit/d7d7764cb07c8a1872804321302ef93bf62cba05	Patch
https://github.com/asterisk/asterisk/security/advisories/GHSA-hxj9-xwr8-w8pq	Exploit Vendor Advisory
https://lists.debian.org/debian-lts-announce/2023/12/msg00019.html
http://packetstormsecurity.com/files/176251/Asterisk-20.1.0-Denial-Of-Service.html	Exploit Third Party Advisory VDB Entry
http://seclists.org/fulldisclosure/2023/Dec/24	Exploit Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2023/12/15/7	Exploit Mailing List
https://github.com/EnableSecurity/advisories/tree/master/ES2023-01-asterisk-dtls-hello-race	Exploit
https://github.com/asterisk/asterisk/commit/d7d7764cb07c8a1872804321302ef93bf62cba05	Patch
https://github.com/asterisk/asterisk/security/advisories/GHSA-hxj9-xwr8-w8pq	Exploit Vendor Advisory
https://lists.debian.org/debian-lts-announce/2023/12/msg00019.html

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:digium:asterisk::::::::
	cpe:2.3:a:digium:asterisk::::::::
	cpe:2.3:a:digium:asterisk:21.0.0:::::::*
	cpe:2.3:a:sangoma:certified_asterisk:13.13.0:::::::*
	cpe:2.3:a:sangoma:certified_asterisk:13.13.0:cert1::::::
	cpe:2.3:a:sangoma:certified_asterisk:13.13.0:cert1-rc1::::::
	cpe:2.3:a:sangoma:certified_asterisk:13.13.0:cert1-rc2::::::
	cpe:2.3:a:sangoma:certified_asterisk:13.13.0:cert1-rc3::::::
	cpe:2.3:a:sangoma:certified_asterisk:13.13.0:cert1-rc4::::::
	cpe:2.3:a:sangoma:certified_asterisk:13.13.0:cert2::::::
	cpe:2.3:a:sangoma:certified_asterisk:13.13.0:cert3::::::
	cpe:2.3:a:sangoma:certified_asterisk:13.13.0:rc1::::::
	cpe:2.3:a:sangoma:certified_asterisk:13.13.0:rc2::::::
	cpe:2.3:a:sangoma:certified_asterisk:16.8.0:-::::::
	cpe:2.3:a:sangoma:certified_asterisk:16.8.0:cert1::::::
	cpe:2.3:a:sangoma:certified_asterisk:16.8.0:cert10::::::
	cpe:2.3:a:sangoma:certified_asterisk:16.8.0:cert11::::::
	cpe:2.3:a:sangoma:certified_asterisk:16.8.0:cert12::::::
	cpe:2.3:a:sangoma:certified_asterisk:16.8.0:cert2::::::
	cpe:2.3:a:sangoma:certified_asterisk:16.8.0:cert3::::::
	cpe:2.3:a:sangoma:certified_asterisk:16.8.0:cert4::::::
	cpe:2.3:a:sangoma:certified_asterisk:16.8.0:cert5::::::
	cpe:2.3:a:sangoma:certified_asterisk:16.8.0:cert6::::::
	cpe:2.3:a:sangoma:certified_asterisk:16.8.0:cert7::::::
	cpe:2.3:a:sangoma:certified_asterisk:16.8.0:cert8::::::
	cpe:2.3:a:sangoma:certified_asterisk:16.8.0:cert9::::::
	cpe:2.3:a:sangoma:certified_asterisk:18.9:cert1::::::
	cpe:2.3:a:sangoma:certified_asterisk:18.9:cert2::::::
	cpe:2.3:a:sangoma:certified_asterisk:18.9:cert3::::::
	cpe:2.3:a:sangoma:certified_asterisk:18.9:cert4::::::
	cpe:2.3:a:sangoma:certified_asterisk:18.9:cert5::::::

History

21 Nov 2024, 08:33

Type	Values Removed	Values Added
References	~~() http://packetstormsecurity.com/files/176251/Asterisk-20.1.0-Denial-Of-Service.html - Exploit, Third Party Advisory, VDB Entry~~	() http://packetstormsecurity.com/files/176251/Asterisk-20.1.0-Denial-Of-Service.html - Exploit, Third Party Advisory, VDB Entry
References	~~() http://seclists.org/fulldisclosure/2023/Dec/24 - Exploit, Mailing List, Third Party Advisory~~	() http://seclists.org/fulldisclosure/2023/Dec/24 - Exploit, Mailing List, Third Party Advisory
References	~~() http://www.openwall.com/lists/oss-security/2023/12/15/7 - Exploit, Mailing List~~	() http://www.openwall.com/lists/oss-security/2023/12/15/7 - Exploit, Mailing List
References	~~() https://github.com/EnableSecurity/advisories/tree/master/ES2023-01-asterisk-dtls-hello-race - Exploit~~	() https://github.com/EnableSecurity/advisories/tree/master/ES2023-01-asterisk-dtls-hello-race - Exploit
References	~~() https://github.com/asterisk/asterisk/commit/d7d7764cb07c8a1872804321302ef93bf62cba05 - Patch~~	() https://github.com/asterisk/asterisk/commit/d7d7764cb07c8a1872804321302ef93bf62cba05 - Patch
References	~~() https://github.com/asterisk/asterisk/security/advisories/GHSA-hxj9-xwr8-w8pq - Exploit, Vendor Advisory~~	() https://github.com/asterisk/asterisk/security/advisories/GHSA-hxj9-xwr8-w8pq - Exploit, Vendor Advisory
References	~~() https://lists.debian.org/debian-lts-announce/2023/12/msg00019.html -~~	() https://lists.debian.org/debian-lts-announce/2023/12/msg00019.html -
CVSS	v2 : ~~unknown~~ v3 : ~~5.9~~	v2 : unknown v3 : 7.5

Information

Published : 2023-12-14 20:15

Updated : 2024-11-21 08:33

NVD link : CVE-2023-49786

Mitre link : CVE-2023-49786

CVE.ORG link : CVE-2023-49786

JSON object : View

Products Affected

sangoma

certified_asterisk

digium

asterisk

CWE

CWE-703

Improper Check or Handling of Exceptional Conditions

CWE-362

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

7.5 /10