Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-hv7y-fc1a-a7am
Vulnerability ID VCID-hv7y-fc1a-a7am
Aliases CVE-2014-4045
Summary The Publish/Subscribe Framework in the PJSIP channel driver in Asterisk Open Source 12.x before 12.3.1, when sub_min_expiry is set to zero, allows remote attackers to cause a denial of service (assertion failure and crash) via an unsubscribe request when not subscribed to the device.
Status Published
Exploitability None
Weighted Severity None
Risk None
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.01637 https://api.first.org/data/v1/epss?cve=CVE-2014-4045
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2014-4045
No exploits are available.
There are no known vectors.
Exploit Prediction Scoring System (EPSS)
Percentile 0.82234
EPSS Score 0.01637
Published At May 29, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-05-29T16:49:53.852763+00:00 Debian Importer Import https://security-tracker.debian.org/tracker/data/json 38.6.0