VulnerableCode Vulnerability Details

Search for vulnerabilities

System	Score	Found at
epss	0.0004	https://api.first.org/data/v1/epss?cve=CVE-2021-46837
epss	0.0004	https://api.first.org/data/v1/epss?cve=CVE-2021-46837
epss	0.0004	https://api.first.org/data/v1/epss?cve=CVE-2021-46837
epss	0.0004	https://api.first.org/data/v1/epss?cve=CVE-2021-46837
epss	0.0004	https://api.first.org/data/v1/epss?cve=CVE-2021-46837
epss	0.0004	https://api.first.org/data/v1/epss?cve=CVE-2021-46837
epss	0.0004	https://api.first.org/data/v1/epss?cve=CVE-2021-46837
epss	0.0004	https://api.first.org/data/v1/epss?cve=CVE-2021-46837
epss	0.0004	https://api.first.org/data/v1/epss?cve=CVE-2021-46837
epss	0.0004	https://api.first.org/data/v1/epss?cve=CVE-2021-46837
epss	0.0004	https://api.first.org/data/v1/epss?cve=CVE-2021-46837
epss	0.0004	https://api.first.org/data/v1/epss?cve=CVE-2021-46837
epss	0.0004	https://api.first.org/data/v1/epss?cve=CVE-2021-46837
epss	0.0004	https://api.first.org/data/v1/epss?cve=CVE-2021-46837
epss	0.0004	https://api.first.org/data/v1/epss?cve=CVE-2021-46837
epss	0.0004	https://api.first.org/data/v1/epss?cve=CVE-2021-46837
epss	0.0004	https://api.first.org/data/v1/epss?cve=CVE-2021-46837
cvssv3.1	6.5	https://nvd.nist.gov/vuln/detail/CVE-2021-46837

System

Score

Found at

epss

0.0004

https://api.first.org/data/v1/epss?cve=CVE-2021-46837

epss

0.0004

https://api.first.org/data/v1/epss?cve=CVE-2021-46837

epss

0.0004

https://api.first.org/data/v1/epss?cve=CVE-2021-46837

epss

0.0004

https://api.first.org/data/v1/epss?cve=CVE-2021-46837

epss

0.0004

https://api.first.org/data/v1/epss?cve=CVE-2021-46837

epss

0.0004

https://api.first.org/data/v1/epss?cve=CVE-2021-46837

epss

0.0004

https://api.first.org/data/v1/epss?cve=CVE-2021-46837

epss

0.0004

https://api.first.org/data/v1/epss?cve=CVE-2021-46837

epss

0.0004

https://api.first.org/data/v1/epss?cve=CVE-2021-46837

epss

0.0004

https://api.first.org/data/v1/epss?cve=CVE-2021-46837

epss

0.0004

https://api.first.org/data/v1/epss?cve=CVE-2021-46837

epss

0.0004

https://api.first.org/data/v1/epss?cve=CVE-2021-46837

epss

0.0004

https://api.first.org/data/v1/epss?cve=CVE-2021-46837

epss

0.0004

https://api.first.org/data/v1/epss?cve=CVE-2021-46837

epss

0.0004

https://api.first.org/data/v1/epss?cve=CVE-2021-46837

epss

0.0004

https://api.first.org/data/v1/epss?cve=CVE-2021-46837

epss

0.0004

https://api.first.org/data/v1/epss?cve=CVE-2021-46837

cvssv3.1

6.5

https://nvd.nist.gov/vuln/detail/CVE-2021-46837

Reference id

Reference type

URL

https://api.first.org/data/v1/epss?cve=CVE-2021-46837

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37706

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43299

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43300

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43301

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43302

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43303

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43804

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43845

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46837

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21722

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21723

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23608

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24763

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24764

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24786

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24792

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24793

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26498

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26499

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26651

https://downloads.asterisk.org/pub/security/AST-2021-006.html

1018073

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1018073

cpe:2.3:a:asterisk:certified_asterisk:16.8.0:-:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:certified_asterisk:16.8.0:-:*:*:*:*:*:*

cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert1:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert1:*:*:*:*:*:*

cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert2:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert2:*:*:*:*:*:*

cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert3:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert3:*:*:*:*:*:*

cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert4:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert4:*:*:*:*:*:*

cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert5:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert5:*:*:*:*:*:*

cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert6:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:certified_asterisk:16.8.0:cert6:*:*:*:*:*:*

cpe:2.3:a:digium:asterisk:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:digium:asterisk:*:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

CVE-2021-46837

https://nvd.nist.gov/vuln/detail/CVE-2021-46837

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Date	Actor	Action	Source	VulnerableCode Version
2025-07-31T12:22:34.531431+00:00	EPSS Importer	Import	https://epss.cyentia.com/epss_scores-current.csv.gz	37.0.0

2025-07-31T12:22:34.531431+00:00

EPSS Importer

Import

https://epss.cyentia.com/epss_scores-current.csv.gz

37.0.0

Vulnerability ID	VCID-e6he-9p7z-bbft
Aliases	CVE-2021-46837
Summary	res_pjsip_t38 in Sangoma Asterisk 16.x before 16.16.2, 17.x before 17.9.3, and 18.x before 18.2.2, and Certified Asterisk before 16.8-cert7, allows an attacker to trigger a crash by sending an m=image line and zero port in a response to a T.38 re-invite initiated by Asterisk. This is a re-occurrence of the CVE-2019-15297 symptoms but not for exactly the same reason. The crash occurs because there is an append operation relative to the active topology, but this should instead be a replace operation.
Status	Published
Exploitability	0.5
Weighted Severity	5.9
Risk	3.0
Affected and Fixed Packages	Package Details

Percentile	0.11053
EPSS Score	0.0004
Published At	July 30, 2025, 12:55 p.m.