SSRF Vulnerability in Asterisk through 19.x Allows Arbitrary Requests via Identity Header

CVE-2022-26499 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

An SSRF issue was discovered in Asterisk through 19.x. When using STIR/SHAKEN, it's possible to send arbitrary requests (such as GET) to interfaces such as localhost by using the Identity header. This is fixed in 16.25.2, 18.11.2, and 19.3.2.
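
A defensive check for the condition described above, as an added example that is not taken from the Asterisk code base or its fix: it pulls the URL out of the Identity header and classifies the destination before any request is made. It assumes the request target is the header's `info` parameter (RFC 8224 syntax); the function names, the https-only policy and the sample messages are constructed for illustration.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Assumption: the outbound request goes to the URL in the Identity header's
# "info" parameter (RFC 8224). All function names here are hypothetical.
INFO_RE = re.compile(r";\s*info\s*=\s*<([^>]*)>", re.IGNORECASE)

def identity_info_url(sip_message):
    """Return the info URL of the first Identity header, or None."""
    for line in sip_message.splitlines():
        name, _, value = line.partition(":")
        if name.strip().lower() in ("identity", "y"):  # "y" is the compact form
            match = INFO_RE.search(value)
            return match.group(1) if match else None
    return None

def classify_info_url(url):
    """Return 'deny', 'resolve' (DNS name: vet the resolved IP) or 'allow'."""
    try:
        parts = urlsplit(url)
        host = (parts.hostname or "").rstrip(".")
    except ValueError:          # e.g. malformed IPv6 literal
        return "deny"
    if parts.scheme.lower() != "https" or not host:  # https-only is a policy assumption
        return "deny"
    if host == "localhost" or host.endswith(".localhost"):
        return "deny"
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        return "resolve"        # caller must apply the same IP test after DNS
    return "allow" if ip.is_global else "deny"

# Constructed sample header lines (tokens are placeholders, not real PASSporTs).
SAMPLES = {
    "loopback": "INVITE sip:bob@example.org SIP/2.0\r\n"
                "Identity: e30.e30.sig;info=<https://127.0.0.1:8088/x>;alg=ES256;ppt=shaken\r\n",
    "ipv6_loopback": "Identity: e30.e30.sig;info=<https://[::1]/x>;alg=ES256\r\n",
    "plain_http": "Identity: e30.e30.sig;info=<http://cert.example.org/a.pem>;alg=ES256\r\n",
    "dns_name": "Identity: e30.e30.sig;info=<https://cert.example.org/a.pem>;alg=ES256\r\n",
}

def classify_samples():
    return {k: classify_info_url(identity_info_url(v) or "") for k, v in SAMPLES.items()}

if __name__ == "__main__":
    for name, verdict in classify_samples().items():
        print(name, verdict)
```

A `resolve` verdict means the name still has to be resolved and the resulting address passed through the same `is_global` test on the connection that is actually used.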
