Search for vulnerabilities
Vulnerability details: VCID-cvzy-u6j7-aaar
Vulnerability ID VCID-cvzy-u6j7-aaar
Aliases CVE-2007-2294
Summary The Manager Interface in Asterisk before 1.2.18 and 1.4.x before 1.4.3 allows remote attackers to cause a denial of service (crash) by using MD5 authentication to authenticate a user that does not have a password defined in manager.conf, resulting in a NULL pointer dereference.
Status Published
Exploitability 0.5
Weighted Severity 7.0
Risk 3.5
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.02986 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.02986 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.02986 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.02986 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.02986 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.02986 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.02986 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.02986 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.02986 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.02986 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.02986 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.02986 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.02986 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.02986 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.02986 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.02986 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.02986 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.02986 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.02986 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.02986 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.02986 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.02986 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.02986 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.02986 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.02986 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.02986 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.02986 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.02986 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.02986 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.02986 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.02986 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.02986 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.02986 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.02986 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.02986 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.02986 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.02986 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.02986 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.02986 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.02986 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.02986 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.02986 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.02986 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.0339 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.0339 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.0339 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.0339 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.0339 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.0339 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.0339 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.0339 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.0339 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.0339 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.0339 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.0339 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.0339 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.0339 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.0339 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.0339 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.0339 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.0339 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.0339 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.0339 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.0339 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.0339 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.0339 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.0339 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.0339 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.03844 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.08677 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.08677 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.08677 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.08677 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.16054 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.16054 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.16054 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.16054 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.16054 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.16054 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.16054 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.16054 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.16054 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.16054 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
epss 0.16054 https://api.first.org/data/v1/epss?cve=CVE-2007-2294
cvssv2 7.8 https://nvd.nist.gov/vuln/detail/CVE-2007-2294
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2007-2294
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2294
http://secunia.com/advisories/24977
http://secunia.com/advisories/25582
http://securityreason.com/securityalert/2646
https://exchange.xforce.ibmcloud.com/vulnerabilities/33886
http://www.asterisk.org/files/ASA-2007-012.pdf
http://www.debian.org/security/2007/dsa-1358
http://www.novell.com/linux/security/advisories/2007_34_asterisk.html
http://www.osvdb.org/35369
http://www.securityfocus.com/archive/1/466911/100/0/threaded
http://www.securityfocus.com/bid/23649
http://www.securitytracker.com/id?1017955
http://www.vupen.com/english/advisories/2007/1534
cpe:2.3:a:asterisk:asterisk:1.2.0_beta1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:asterisk:1.2.0_beta1:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:asterisk:1.2.0_beta2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:asterisk:1.2.0_beta2:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:asterisk:1.2.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:asterisk:1.2.10:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:asterisk:1.2.11:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:asterisk:1.2.11:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:asterisk:1.2.12:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:asterisk:1.2.12:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:asterisk:1.2.13:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:asterisk:1.2.13:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:asterisk:1.2.14:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:asterisk:1.2.14:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:asterisk:1.2.15:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:asterisk:1.2.15:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:asterisk:1.2.16:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:asterisk:1.2.16:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:asterisk:1.2.17:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:asterisk:1.2.17:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:asterisk:1.2.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:asterisk:1.2.5:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:asterisk:1.2.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:asterisk:1.2.6:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:asterisk:1.2.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:asterisk:1.2.7:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:asterisk:1.2.8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:asterisk:1.2.8:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:asterisk:1.2.9:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:asterisk:1.2.9:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:asterisk:1.4.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:asterisk:1.4.1:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:asterisk:1.4.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:asterisk:1.4.2:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:asterisk:1.4_beta:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:asterisk:1.4_beta:*:*:*:*:*:*:*
CVE-2007-2294 https://nvd.nist.gov/vuln/detail/CVE-2007-2294
No exploits are available.
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C Found at https://nvd.nist.gov/vuln/detail/CVE-2007-2294
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.85335
EPSS Score 0.02986
Published At March 28, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.