{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2017-09-02T00:00:00", "descriptions": [{"lang": "en", "value": "In Asterisk 11.x before 11.25.2, 13.x before 13.17.1, and 14.x before 14.6.1 and Certified Asterisk 11.x before 11.6-cert17 and 13.x before 13.13-cert5, unauthorized command execution is possible. The app_minivm module has an \"externnotify\" program configuration option that is executed by the MinivmNotify dialplan application. The application uses the caller-id name and number as part of a built string passed to the OS shell for interpretation and execution. Since the caller-id name and number can come from an untrusted source, a crafted caller-id name or number allows an arbitrary shell command injection."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-11-03T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://issues.asterisk.org/jira/browse/ASTERISK-27103"}, {"name": "1039252", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1039252"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugs.debian.org/873908"}, {"name": "GLSA-201710-29", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201710-29"}, {"name": "DSA-3964", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2017/dsa-3964"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://downloads.asterisk.org/pub/security/AST-2017-006.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2017-14100", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In Asterisk 11.x before 11.25.2, 13.x before 13.17.1, and 14.x before 14.6.1 and Certified Asterisk 11.x before 11.6-cert17 and 13.x before 13.13-cert5, unauthorized command execution is possible. The app_minivm module has an \"externnotify\" program configuration option that is executed by the MinivmNotify dialplan application. The application uses the caller-id name and number as part of a built string passed to the OS shell for interpretation and execution. Since the caller-id name and number can come from an untrusted source, a crafted caller-id name or number allows an arbitrary shell command injection."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://issues.asterisk.org/jira/browse/ASTERISK-27103", "refsource": "CONFIRM", "url": "https://issues.asterisk.org/jira/browse/ASTERISK-27103"}, {"name": "1039252", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1039252"}, {"name": "https://bugs.debian.org/873908", "refsource": "CONFIRM", "url": "https://bugs.debian.org/873908"}, {"name": "GLSA-201710-29", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201710-29"}, {"name": "DSA-3964", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2017/dsa-3964"}, {"name": "http://downloads.asterisk.org/pub/security/AST-2017-006.html", "refsource": "CONFIRM", "url": "http://downloads.asterisk.org/pub/security/AST-2017-006.html"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-14100", "datePublished": "2017-09-02T16:00:00", "dateReserved": "2017-08-31T00:00:00", "dateUpdated": "2017-11-03T18:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:digium:asterisk:13.0.0:*:*:*:lts:*:*:*", "matchCriteriaId": "E7D1238A-A8D2-485E-81FD-46038A883EC3", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:13.0.0:beta1:*:*:*:*:*:*", "matchCriteriaId": "E93A7967-9A04-424A-BDDB-A2B8289B9AC4", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:13.0.0:beta2:*:*:*:*:*:*", "matchCriteriaId": "8F75C9FF-6F95-4F6A-B683-FE2BEDE3AD10", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:13.0.0:beta3:*:*:*:*:*:*", "matchCriteriaId": "68226156-42ED-4F0E-93E1-02DD57E582B6", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:13.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "FB2C4E1E-6B90-4DCC-BC09-7D19FBA65C3F", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:13.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "A4EB385E-28B5-4259-9431-99E1F32D61B7", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:13.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "58C0FF1B-6188-4181-A139-1806328762BD", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:13.1.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "890EBB8C-989B-4344-AC03-62B399076008", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:13.1.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "BD4AAECB-A2BC-45BA-BC63-E51C1FE6C334", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:13.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "121EACD3-D5E3-4691-8024-95996865BB65", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:13.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "136D6508-660E-410D-829A-7DD452BF8819", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:13.2.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "AEC2B3AA-EB24-4259-BED1-5DBC102FE9C1", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:13.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "74B23D17-7356-4D37-8C73-E87896D1335B", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:13.3.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "CEA9DA4A-A3E6-4C46-9471-CCBFA71083AF", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:13.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "81A8A6CB-D236-4AB3-8476-C2D34DB7EF31", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:13.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "599833A2-CBE9-479B-8A6E-AF79C5EED1DB", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:13.4.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "B55719B3-7325-47E1-8D16-3F34B1F44385", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:13.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "B870B3B7-E8DC-45A2-8FA4-657D005D00E3", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:13.5.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "C91E9A3B-54EB-4819-94DD-30F7D0C90047", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:13.6.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "47189DF9-8E57-4BA6-9F52-B7A8229AE02A", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:13.7.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "84AAFA3C-3CCD-4615-9725-169C303CF18F", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:13.7.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "C92E0801-9E8F-4CF2-A4A0-48BCF550F2D4", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:13.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "5C1C39FA-EF1A-4F2B-87A0-A00BAE73C6A7", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:13.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "677D1211-0B07-47B9-AB7A-E820E2B29561", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:13.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "84202BAF-29E1-472B-B11F-B73F6A8891CF", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:13.8.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "FFC7120D-E6A0-4801-A1CC-3E143896EE72", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:13.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "BAF2A83D-D9AE-441D-8D4E-335BF9D28A63", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:13.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "7F5C1479-A540-4B7D-B00C-BD35EEC83BB4", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:13.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "AC12556C-5E82-47D7-87E5-FBDC01A920DD", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:13.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "461C1D2D-C4C1-4FF8-8231-38A2505F3523", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:13.10.0:*:*:*:*:*:*:*", "matchCriteriaId": "66595711-8573-4A9B-A8FE-4943E3097AA8", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:13.10.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "5D1FE3D4-A0B9-475A-9B89-B0222283A6A9", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:13.11.0:*:*:*:*:*:*:*", "matchCriteriaId": "9670B5AC-CBD1-484C-90F8-69B1A60B6054", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:13.11.1:*:*:*:*:*:*:*", "matchCriteriaId": "EE5794B6-246C-415E-8E20-56447F152488", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:13.11.2:*:*:*:*:*:*:*", "matchCriteriaId": "E726CA39-A763-4422-B59E-E9E12518EA4D", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:13.12:*:*:*:*:*:*:*", "matchCriteriaId": "6A96EB57-835A-45B4-82F5-31F925A85629", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:13.12.0:*:*:*:*:*:*:*", "matchCriteriaId": "206F1DC9-9E8F-4497-A354-4A14711993DC", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:13.12.1:*:*:*:*:*:*:*", "matchCriteriaId": "8D428364-E2AD-4BC6-9329-71793BC0EB61", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:13.12.2:*:*:*:*:*:*:*", "matchCriteriaId": "08963910-E0BD-4487-B669-60E0BFA79863", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:13.13:*:*:*:*:*:*:*", "matchCriteriaId": "86B16D04-3808-4380-8F64-0C36B185C1F2", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:13.13.0:*:*:*:*:*:*:*", "matchCriteriaId": "F3BD16A9-24BC-4FC1-81BA-A6D1FEF38D35", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:13.13.1:*:*:*:*:*:*:*", "matchCriteriaId": "68BAAD53-DE75-41CA-BF60-C0363029D3A1", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:13.14.0:*:*:*:*:*:*:*", "matchCriteriaId": "CDC383B3-27EF-4C37-94BE-F0D41B34CAFC", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:13.14.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "A7824B34-06C3-403B-B6F3-C850D54438EB", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:13.14.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "17E86941-98F6-45A5-8646-6876F74D909F", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:13.14.1:*:*:*:*:*:*:*", "matchCriteriaId": "C6DB27C0-C74E-4E6A-AA63-09CFE73C2EF6", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:13.15.0:*:*:*:*:*:*:*", "matchCriteriaId": "6C443A3B-DF96-4A68-B046-DE13689CA974", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:13.15.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "5F3AC9AE-288C-4F0E-BF15-C3F4AF09D8E0", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:13.15.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "796A6021-9FCA-4354-A47C-7500C363C168", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:13.15.0:rc3:*:*:*:*:*:*", "matchCriteriaId": "EBB9D073-195F-4C2A-932E-7F027710DB25", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:13.15.1:*:*:*:*:*:*:*", "matchCriteriaId": "604E58C8-9B81-4992-8993-4A6CB876EE08", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:13.16.0:*:*:*:*:*:*:*", "matchCriteriaId": "077C4CB8-1FDE-45D3-82E6-CE09A22809B1", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:13.16.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "3CDB96CA-5AAE-4B39-8E01-2E72E3B476AE", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:13.16.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "8EB33EC3-CDE0-40BD-B269-512AE074D278", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:13.17.0:*:*:*:*:*:*:*", "matchCriteriaId": "363FA95F-03EF-4D6A-A40D-76D285D16255", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:13.17.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "FA96DC31-4BAC-4C5A-923C-EBBFFC7ABB52", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:digium:asterisk:14.0:*:*:*:*:*:*:*", "matchCriteriaId": "C949D5F5-6C0B-4B17-85B6-3A77D08CF967", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:14.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "5D413741-BDB7-496D-A01B-75E2A98FDB5B", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:14.0.0:beta1:*:*:*:*:*:*", "matchCriteriaId": "29130F7F-DE00-43E1-A4A6-8F1F95D5CB19", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:14.0.0:beta2:*:*:*:*:*:*", "matchCriteriaId": "25E94EC0-F577-4B2B-8B11-DC76278CDD42", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:14.0.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "101AD474-9B89-483D-84E8-08012677C55C", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:14.0.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "D57E41F6-C2CF-4183-A78A-9531A88FB65D", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:14.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "FB1F9BB8-F951-427E-B770-69C2ACEBDB28", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:14.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "7C4CE405-E923-4C9C-849A-D1031C4DB493", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:14.1:*:*:*:*:*:*:*", "matchCriteriaId": "C039C0CE-9C9C-4D85-8D7C-574DCF9D920B", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:14.01:*:*:*:*:*:*:*", "matchCriteriaId": "A1B2F2CC-18C3-46E7-8E7F-970622A710C9", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:14.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "04ECDFF1-9718-4FAE-B45B-4F8CCA82829E", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:14.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "D2C4DA60-5701-4BD0-B2F9-D93B9E64111F", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:14.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "0B12834D-2AF1-4AD1-AB23-859CAA5D3210", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:14.02:*:*:*:*:*:*:*", "matchCriteriaId": "89036D04-EA04-4041-9694-6768478D35F3", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:14.2:*:*:*:*:*:*:*", "matchCriteriaId": "B19070D3-9F03-43C7-9F31-9A54BD5F2441", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:14.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "E39BAA74-50A8-4087-8FF8-7C5922121319", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:14.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "6D29C253-B403-4B00-A626-3E3A920DC018", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:14.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "5E9D8FA2-21EA-4384-8001-118DA7C959F0", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:14.3.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "3368DE88-7009-46A0-93F4-4D52BAD3D173", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:14.3.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "26586127-B68B-4476-8182-C49B1B1DCDC6", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:14.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "6D1EFDCC-983E-4227-9FD5-456C16610BC8", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:14.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "DFA7DBAD-BCA6-47D1-A92E-4EB7941F55F1", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:14.4.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "02C6C827-97A6-4287-8B3E-DE29054242B3", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:14.4.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "9BE4F7C1-BB82-44BA-BBFD-9F660330EC15", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:14.4.0:rc3:*:*:*:*:*:*", "matchCriteriaId": "E4FCA146-5A72-4746-BE23-63271FBC4D47", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:14.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "4A0C90BB-C3FE-4A75-B739-0236C4256F7E", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:14.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "46BD9466-0BC9-4B4D-928F-240CD46D306C", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:14.5.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "06F456AD-19D3-49EF-82B1-07370F6499AA", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:14.5.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "24A9997E-D0DC-45B0-B4DB-308667FA820E", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:14.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "26202E79-98E0-4533-B4AE-1ABB2477F5A1", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:14.6.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "C3D7384F-DF1B-4ED7-B1D5-885B95774DDB", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:digium:asterisk:11.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "F53B8453-F35A-49BE-8129-774BADF71BA7", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.0.0:beta1:*:*:*:*:*:*", "matchCriteriaId": "CCB0C07E-DA2F-4169-848D-C3315CDC1CB3", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.0.0:beta2:*:*:*:*:*:*", "matchCriteriaId": "410C43E6-5912-4C22-A592-7CF94402EEB7", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.0.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "D50A355E-1B55-4DD2-8100-EB81AA6FC40E", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.0.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "9ADF4230-EFEB-45EC-9C96-0262B4A3E459", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "5234531C-F69A-4B94-A480-147734206C5A", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "321C1066-6800-4488-A7C4-BE91FF738453", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "A9B51588-50A2-40B2-A007-06F57D38C7AA", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.1.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "CDE2B00C-6AC0-4166-8A25-EFC42CE7F737", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.1.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "9FD404B4-2B0A-4D7A-8CF6-E2C6B4BACBB7", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.1.0:rc3:*:*:*:*:*:*", "matchCriteriaId": "617FC4AF-D152-4EE1-828D-C2A6AD0DFD3B", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "3A3FE6DC-17FD-4CEE-BDFB-9D4685640381", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "8CEEB6C2-0A6D-4434-8446-CB8605CD3B14", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.2.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "1548C574-CD51-49F6-91B1-B06C504000E4", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "7BE4127D-8123-4408-86D3-08168A4501B9", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "8836F348-66DF-43BC-9962-946018D13127", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.4.0:rc4:*:*:*:*:*:*", "matchCriteriaId": "1453BB31-D674-4A05-AB2A-2502D127C3E9", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "868865A1-E074-4DB0-A119-D24C5C53FEF9", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.6.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "1794440C-7068-4673-9142-6221B8A39E5F", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.6.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "C5CF286B-3377-4AE9-A7B9-8535641D639A", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "7B3D89C7-909F-419A-9EE8-A1F0D02934EF", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "50EC8D9D-3483-4080-8000-496343BC8BFD", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.7.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "6695F632-6AC4-400F-B513-280304ABC1F3", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.7.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "A3423C40-240A-4237-8B0F-A4B4ED421C3F", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.8.0:-:*:*:*:*:*:*", "matchCriteriaId": "03298D9F-CFB8-48F9-BD0C-8A0BEB0760C9", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.8.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "87FCBE6A-C1CD-48EF-A435-4CEADD46C917", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.8.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "42E0E639-70A2-41EE-9B34-A9223D1958AF", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.8.0:rc3:*:*:*:*:*:*", "matchCriteriaId": "32E84D64-0CB8-46BF-BD3F-8CA2E0CE4C57", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "A70420A8-8571-4528-98E1-72BE00270C6E", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "A276363F-F897-4E6D-9D55-5F5AA73DEE26", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.9.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "38230656-6242-4D24-AA67-F42A6FA2FC7F", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.9.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "20ED9FC3-5E56-4AE7-903F-267CAE7F2CA5", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.9.0:rc3:*:*:*:*:*:*", "matchCriteriaId": "84F88075-9935-45BF-88B7-21ACE8AAB314", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.10.0:*:*:*:*:*:*:*", "matchCriteriaId": "DB16D9D6-A2F6-4C4B-B364-1B63B1FFB5F0", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.10.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "283793E4-0AE8-48D9-ABCF-70E44FE55C4D", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "A0F79D5F-EB28-417A-86DF-053D6EDBA161", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.10.1:rc1:*:*:*:*:*:*", "matchCriteriaId": "4A036F91-70E0-4E97-9896-EEE97BE3C20E", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.10.2:*:*:*:*:*:*:*", "matchCriteriaId": "C92ECBCD-1EE3-498A-B3A4-22BF8EFD2EE7", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.11.0:*:*:*:*:*:*:*", "matchCriteriaId": "C4EABFC3-24FA-4441-9F2B-650D90AE5CC6", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.11.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "3DA61A22-3DD0-46A3-8C13-F25F4F03FD35", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.12.0:*:*:*:*:*:*:*", "matchCriteriaId": "2026FD07-103C-4691-AFA4-88C490382F28", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.12.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "791700CD-E007-489E-9BC6-37025CAA8144", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.12.1:*:*:*:*:*:*:*", "matchCriteriaId": "65607103-4284-430A-8212-AC1DCFFFA778", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.13.0:*:*:*:*:*:*:*", "matchCriteriaId": "4061B4C7-8315-450C-866A-C4F3A6BCB1A1", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.13.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "C6EA7154-7F08-4E43-9270-E617632230AC", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.13.1:*:*:*:*:*:*:*", "matchCriteriaId": "00099DC9-D437-429B-9D08-F0DFA4942A6C", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.14.0:*:*:*:lts:*:*:*", "matchCriteriaId": "4149F36C-D455-415F-93D7-F92EEE41419D", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.14.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "2DC51129-8F38-4505-90FB-4FFDED45BABF", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.14.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "4CA571E0-B513-47AA-95BE-EB4DD2AA91E2", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.14.1:*:*:*:*:*:*:*", "matchCriteriaId": "89504BDC-82F7-4813-9C1E-456C9ACC6FB3", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.14.2:*:*:*:*:*:*:*", "matchCriteriaId": "118C550E-79A8-431E-BADB-710EEEEDC6C7", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.15.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "96C7950F-41D1-46B5-BA62-E8450CB81244", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.15.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "C9A32ECC-E208-4834-8EF7-FEF7A3495041", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.15.1:*:*:*:*:*:*:*", "matchCriteriaId": "5DF6BC60-23F5-46A1-83F8-F4BCDEF196EF", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.16.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "AA3E0D41-2E6E-4294-8E56-1A738A7F9AA9", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.17.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "D16109B8-4CDF-46FC-9AD9-A158E532791B", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.17.1:*:*:*:*:*:*:*", "matchCriteriaId": "9DCAA174-3CA3-49DB-BA19-D2BCF4F8953F", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.18.0:*:*:*:*:*:*:*", "matchCriteriaId": "FD4D1A5A-99A3-4D23-B40C-BBE11EA5B325", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.18.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "0F5EE428-98FF-42BC-9F61-311327B8F610", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.19.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "CBA2FD08-D761-410F-9804-A76F0DD77349", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.20.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "74B34C21-D90B-4E32-BBA6-7773DB663F18", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.21.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "90996D49-5731-4F7D-9DBE-D0599A5D85A9", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.21.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "D3C91C8D-707D-443D-985F-FA3EDB181208", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.21.1:*:*:*:*:*:*:*", "matchCriteriaId": "400EA2E1-B178-467F-BBC2-1B2ECEDE662A", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.21.2:*:*:*:*:*:*:*", "matchCriteriaId": "6E00A6C7-D3CF-40B5-A586-06E09C5AA1A3", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.22.0:*:*:*:*:*:*:*", "matchCriteriaId": "9E25D043-EE0D-49A5-A468-03EDD9CFE0EC", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.22.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "CA17630B-444D-4AE4-B582-F8106C4EEFDB", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.23.0:*:*:*:*:*:*:*", "matchCriteriaId": "62A20D6B-62FE-440D-BC58-F764AAA5562B", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.23.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "F2AE880B-2FA2-42BB-BEBF-771E18FDA141", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.23.1:*:*:*:*:*:*:*", "matchCriteriaId": "AC982D1B-B018-474E-94BE-2157C21276C7", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.24.0:*:*:*:*:*:*:*", "matchCriteriaId": "F26815C8-8E43-4C26-947B-986EFFF0ACE1", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.24.1:*:*:*:*:*:*:*", "matchCriteriaId": "03E8213E-650F-4C95-B9E5-753E7784EF5B", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.25.0:*:*:*:*:*:*:*", "matchCriteriaId": "00B8F794-A7F2-4B8F-B36C-55E61DC6939A", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:asterisk:11.25.1:*:*:*:*:*:*:*", "matchCriteriaId": "5B7FC3A1-AFB0-4280-BFC5-68F61CFD0AF2", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:digium:certified_asterisk:11.6:cert1:*:*:*:*:*:*", "matchCriteriaId": "322694EF-B086-4BE7-A9F0-41D3A9C245FF", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:certified_asterisk:11.6:cert1_rc1:*:*:*:*:*:*", "matchCriteriaId": "781AC882-80DD-4176-8E4F-220343B15F68", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:certified_asterisk:11.6:cert1_rc2:*:*:*:*:*:*", "matchCriteriaId": "770CCEEA-B121-454B-BD36-3FC1B262998A", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:certified_asterisk:11.6:cert10:*:*:*:*:*:*", "matchCriteriaId": "5CEBE67E-A3E5-4BC9-8740-4F51123CC9F7", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:certified_asterisk:11.6:cert11:*:*:*:*:*:*", "matchCriteriaId": "CD094E25-5E10-4564-9A4D-BE5A14C2815F", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:certified_asterisk:11.6:cert12:*:*:*:*:*:*", "matchCriteriaId": "B6873174-0109-402F-ADCA-B1635F441FD9", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:certified_asterisk:11.6:cert13:*:*:*:*:*:*", "matchCriteriaId": "B529CD2F-2958-44E6-839A-3E4FE392B1F1", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:certified_asterisk:11.6:cert14:*:*:*:*:*:*", "matchCriteriaId": "B961BF46-DEF7-4804-AF9A-D13F160FA213", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:certified_asterisk:11.6:cert14_rc1:*:*:*:*:*:*", "matchCriteriaId": "DDC801D4-7A69-4855-8757-24ACE70D784B", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:certified_asterisk:11.6:cert14_rc2:*:*:*:*:*:*", "matchCriteriaId": "60C2B8F0-7722-48B5-89AA-435F52CBC0A4", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:certified_asterisk:11.6:cert15:*:*:*:*:*:*", "matchCriteriaId": "B9305CA8-835C-4DFF-9CD8-C1072BACED42", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:certified_asterisk:11.6:cert16:*:*:*:*:*:*", "matchCriteriaId": "B3729EA6-3949-4854-80D4-DC5587161FBD", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:certified_asterisk:11.6:cert2:*:*:*:*:*:*", "matchCriteriaId": "013B1940-C45D-4FE2-8B49-D92B8F1A9048", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:certified_asterisk:11.6:cert3:*:*:*:*:*:*", "matchCriteriaId": "A98B11B5-B8E2-4903-B4F7-3AC23751AE8F", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:certified_asterisk:11.6:cert4:*:*:*:*:*:*", "matchCriteriaId": "C7D60B24-C509-49C3-87A9-49D05CB44183", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:certified_asterisk:11.6:cert5:*:*:*:*:*:*", "matchCriteriaId": "3C1F9978-44E7-4D39-BEC6-5C6DB7F893E9", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:certified_asterisk:11.6:cert6:*:*:*:*:*:*", "matchCriteriaId": "69BA61A8-2A95-4800-BB4E-692BA4321A84", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:certified_asterisk:11.6:cert7:*:*:*:*:*:*", "matchCriteriaId": "C481D8B0-622D-491D-B292-717B0369B507", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:certified_asterisk:11.6:cert8:*:*:*:*:*:*", "matchCriteriaId": "BC8390D4-F339-43FF-9F2B-71331D4ECB81", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:certified_asterisk:11.6:cert9:*:*:*:*:*:*", "matchCriteriaId": "4490B76B-FA41-43DB-9A31-6B3F220F1907", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:digium:certified_asterisk:13.13:cert1:*:*:*:*:*:*", "matchCriteriaId": "0449B393-FA4E-4664-8E16-BE6B94E4872F", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:certified_asterisk:13.13:cert1_rc1:*:*:*:*:*:*", "matchCriteriaId": "2ED8E415-64FA-4E77-A423-3478E606E58E", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:certified_asterisk:13.13:cert1_rc2:*:*:*:*:*:*", "matchCriteriaId": "E13CA1DD-B384-4408-B4EC-1AA829981016", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:certified_asterisk:13.13:cert1_rc3:*:*:*:*:*:*", "matchCriteriaId": "EE28BD0A-EA30-4265-A5D6-0390F3558D44", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:certified_asterisk:13.13:cert1_rc4:*:*:*:*:*:*", "matchCriteriaId": "0F82048D-C65F-4439-BBE4-2D4A9B07EB7E", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:certified_asterisk:13.13:cert2:*:*:*:*:*:*", "matchCriteriaId": "6447B77F-3770-4703-9188-B7344ED98E94", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:certified_asterisk:13.13:cert3:*:*:*:*:*:*", "matchCriteriaId": "5C103924-1D61-4090-8ED5-4731371B2B2C", "vulnerable": true}, {"criteria": "cpe:2.3:a:digium:certified_asterisk:13.13:cert4:*:*:*:*:*:*", "matchCriteriaId": "08F87B09-3867-4CAE-BAD7-2206CD6CAF97", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In Asterisk 11.x before 11.25.2, 13.x before 13.17.1, and 14.x before 14.6.1 and Certified Asterisk 11.x before 11.6-cert17 and 13.x before 13.13-cert5, unauthorized command execution is possible. The app_minivm module has an \"externnotify\" program configuration option that is executed by the MinivmNotify dialplan application. The application uses the caller-id name and number as part of a built string passed to the OS shell for interpretation and execution. Since the caller-id name and number can come from an untrusted source, a crafted caller-id name or number allows an arbitrary shell command injection."}, {"lang": "es", "value": "En Asterisk 11.x en versiones anteriores a la 11.25.2, 13.x en versiones anteriores a la 13.17.1, y 14.x en versiones anteriores a la 14.6.1 y Certified Asterisk 11.x en versiones anteriores a la 11.6-cert17 y 13.x en versiones anteriores a la 13.13-cert5, es ejecutar comandos sin autorizaci\u00f3n. El m\u00f3dulo app_minivm tiene una opci\u00f3n de configuraci\u00f3n de programa \"externnotify\" que es ejecutada por la aplicaci\u00f3n dialplan MinivmNotify. La aplicaci\u00f3n emplea el nombre y el n\u00famero caller-id como parte de una cadena integrada pasada al shell del sistema operativopara su interpretaci\u00f3n y ejecuci\u00f3n. Debido a que el nombre y el n\u00famero caller-id pueden proceder de una fuente no confiable, un nombre o n\u00famero caller-id permite una inyecci\u00f3n arbitraria de comandos shell."}], "id": "CVE-2017-14100", "lastModified": "2019-10-03T00:03:26.223", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-09-02T16:29:00.333", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://downloads.asterisk.org/pub/security/AST-2017-006.html"}, {"source": "cve@mitre.org", "url": "http://www.debian.org/security/2017/dsa-3964"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1039252"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugs.debian.org/873908"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://issues.asterisk.org/jira/browse/ASTERISK-27103"}, {"source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/201710-29"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}