Denial of Service Vulnerability in Asterisk 13.x and 14.x

Denial of Service Vulnerability in Asterisk 13.x and 14.x

CVE-2017-14098 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

In the pjsip channel driver (res_pjsip) in Asterisk 13.x before 13.17.1 and 14.x before 14.6.1, a carefully crafted tel URI in a From, To, or Contact header could cause Asterisk to crash.

Learn more about our Contact.