Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-sxxv-pt4p-pkgd
Vulnerability ID VCID-sxxv-pt4p-pkgd
Aliases CVE-2014-8418
Summary The DB dialplan function in Asterisk Open Source 1.8.x before 1.8.32, 11.x before 11.1.4.1, 12.x before 12.7.1, and 13.x before 13.0.1 and Certified Asterisk 1.8 before 1.8.28-cert8 and 11.6 before 11.6-cert8 allows remote authenticated users to gain privileges via a call from an external protocol, as demonstrated by the AMI protocol.
Status Published
Exploitability None
Weighted Severity None
Risk None
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.01284 https://api.first.org/data/v1/epss?cve=CVE-2014-8418
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2014-8418
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8418
771463 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771463
GLSA-201412-51 https://security.gentoo.org/glsa/201412-51
No exploits are available.
There are no known vectors.
Exploit Prediction Scoring System (EPSS)
Percentile 0.7992
EPSS Score 0.01284
Published At May 29, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-05-29T13:42:00.631033+00:00 Debian Oval Importer Import https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.6.0