Search for vulnerabilities
Vulnerability details: VCID-sjpu-s48r-aaam
Vulnerability ID VCID-sjpu-s48r-aaam
Aliases CVE-2007-6430
Summary Asterisk Open Source 1.2.x before 1.2.26 and 1.4.x before 1.4.16, and Business Edition B.x.x before B.2.3.6 and C.x.x before C.1.0-beta8, when using database-based registrations ("realtime") and host-based authentication, does not check the IP address when the username is correct and there is no password, which allows remote attackers to bypass authentication using a valid username.
Status Published
Exploitability 2.0
Weighted Severity 5.5
Risk 10.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-287 Improper Authentication
System Score Found at
generic_textual MODERATE http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html
epss 0.00492 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00492 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00492 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00492 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00492 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00492 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00492 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00492 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00492 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00492 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00492 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00492 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00492 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00492 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00492 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00492 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00492 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00492 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00492 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00492 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00492 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00492 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00492 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00492 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00492 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00492 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00492 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00492 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00492 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00492 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00492 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00492 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00492 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00492 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00492 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00492 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00492 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00492 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00492 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00492 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00492 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00492 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00492 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00492 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00492 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00621 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00621 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00621 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00621 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00621 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00621 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00621 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00621 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00621 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00621 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00621 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00621 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00621 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00621 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00621 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00621 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00621 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00621 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00621 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00621 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00621 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00621 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00621 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00621 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00621 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00621 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00621 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00621 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00621 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00621 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.00705 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.03024 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.03024 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.03024 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.03024 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.03024 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.03024 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.03024 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.03024 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.15310 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.15310 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.15310 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.15310 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.90958 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.90958 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
epss 0.93188 https://api.first.org/data/v1/epss?cve=CVE-2007-6430
generic_textual MODERATE http://secunia.com/advisories/29242
cvssv2 4.3 https://nvd.nist.gov/vuln/detail/CVE-2007-6430
Reference id Reference type URL
http://downloads.digium.com/pub/security/AST-2007-027.html
http://lists.opensuse.org/opensuse-security-announce/2008-03/msg00001.html
https://api.first.org/data/v1/epss?cve=CVE-2007-6430
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6430
http://secunia.com/advisories/28149
http://secunia.com/advisories/29242
http://secunia.com/advisories/29456
http://secunia.com/advisories/29782
http://security.gentoo.org/glsa/glsa-200804-13.xml
http://securityreason.com/securityalert/3467
https://exchange.xforce.ibmcloud.com/vulnerabilities/39124
http://www.debian.org/security/2008/dsa-1525
http://www.osvdb.org/39519
http://www.securityfocus.com/archive/1/485287/100/0/threaded
http://www.securityfocus.com/bid/26928
http://www.securitytracker.com/id?1019110
http://www.vupen.com/english/advisories/2007/4260
457063 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=457063
cpe:2.3:a:asterisk:asterisk_business_edition:b.1.3.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:asterisk_business_edition:b.1.3.2:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:asterisk_business_edition:b.1.3.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:asterisk_business_edition:b.1.3.3:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:asterisk_business_edition:b.2.2.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:asterisk_business_edition:b.2.2.0:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:asterisk_business_edition:b.2.2.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:asterisk_business_edition:b.2.2.1:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:asterisk_business_edition:b.2.3.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:asterisk_business_edition:b.2.3.1:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:asterisk_business_edition:b.2.3.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:asterisk_business_edition:b.2.3.2:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:asterisk_business_edition:b.2.3.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:asterisk_business_edition:b.2.3.3:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:asterisk_business_edition:b.2.3.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:asterisk_business_edition:b.2.3.4:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:asterisk_business_edition:c.1.0beta7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:asterisk_business_edition:c.1.0beta7:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:open_source:1.2.0beta1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.2.0beta1:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:open_source:1.2.0beta2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.2.0beta2:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:open_source:1.2.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.2.10:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:open_source:1.2.11:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.2.11:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:open_source:1.2.13:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.2.13:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:open_source:1.2.14:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.2.14:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:open_source:1.2.15:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.2.15:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:open_source:1.2.16:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.2.16:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:open_source:1.2.17:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.2.17:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:open_source:1.2.18:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.2.18:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:open_source:1.2.19:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.2.19:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:open_source:1.2.21:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.2.21:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:open_source:1.2.22:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.2.22:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:open_source:1.2.23:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.2.23:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:open_source:1.2.24:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.2.24:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:open_source:1.2.25:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.2.25:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:open_source:1.2.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.2.5:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:open_source:1.2.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.2.6:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:open_source:1.2.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.2.7:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:open_source:1.2.8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.2.8:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:open_source:1.2.9:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.2.9:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:open_source:1.4.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.4.1:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:open_source:1.4.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.4.10:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:open_source:1.4.11:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.4.11:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:open_source:1.4.12:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.4.12:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:open_source:1.4.13:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.4.13:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:open_source:1.4.14:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.4.14:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:open_source:1.4.15:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.4.15:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:open_source:1.4.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.4.2:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:open_source:1.4.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.4.3:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:open_source:1.4.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.4.4:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:open_source:1.4.5:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.4.5:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:open_source:1.4.6:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.4.6:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:open_source:1.4.7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.4.7:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:open_source:1.4.8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.4.8:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:open_source:1.4.9:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.4.9:*:*:*:*:*:*:*
cpe:2.3:a:asterisk:open_source:1.4beta:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:asterisk:open_source:1.4beta:*:*:*:*:*:*:*
CVE-2007-6430 https://nvd.nist.gov/vuln/detail/CVE-2007-6430
GLSA-200804-13 https://security.gentoo.org/glsa/200804-13
No exploits are available.
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2007-6430
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.62887
EPSS Score 0.00492
Published At March 28, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.