{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2012-08-30T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "Incomplete blacklist vulnerability in main/manager.c in Asterisk Open Source 1.8.x before 1.8.15.1 and 10.x before 10.7.1, Certified Asterisk 1.8.11 before 1.8.11-cert6, Asterisk Digiumphones 10.x.x-digiumphones before 10.7.1-digiumphones, and Asterisk Business Edition C.3.x before C.3.7.6 allows remote authenticated users to execute arbitrary commands by leveraging originate privileges and providing an ExternalIVR value in an AMI Originate action."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2012-10-31T09:00:00.000Z", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm"}, "references": [{"name": "50687", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/50687"}, {"name": "50756", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/50756"}, {"name": "DSA-2550", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2012/dsa-2550"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://downloads.asterisk.org/pub/security/AST-2012-012.html"}, {"name": "1027460", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1027460"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@us.ibm.com", "ID": "CVE-2012-2186", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Incomplete blacklist vulnerability in main/manager.c in Asterisk Open Source 1.8.x before 1.8.15.1 and 10.x before 10.7.1, Certified Asterisk 1.8.11 before 1.8.11-cert6, Asterisk Digiumphones 10.x.x-digiumphones before 10.7.1-digiumphones, and Asterisk Business Edition C.3.x before C.3.7.6 allows remote authenticated users to execute arbitrary commands by leveraging originate privileges and providing an ExternalIVR value in an AMI Originate action."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "50687", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/50687"}, {"name": "50756", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/50756"}, {"name": "DSA-2550", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2012/dsa-2550"}, {"name": "http://downloads.asterisk.org/pub/security/AST-2012-012.html", "refsource": "CONFIRM", "url": "http://downloads.asterisk.org/pub/security/AST-2012-012.html"}, {"name": "1027460", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1027460"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T19:26:08.975Z"}, "title": "CVE Program Container", "references": [{"name": "50687", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/50687"}, {"name": "50756", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/50756"}, {"name": "DSA-2550", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2012/dsa-2550"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://downloads.asterisk.org/pub/security/AST-2012-012.html"}, {"name": "1027460", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1027460"}]}]}, "cveMetadata": {"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2012-2186", "datePublished": "2012-08-31T14:00:00.000Z", "dateReserved": "2012-04-04T00:00:00.000Z", "dateUpdated": "2024-08-06T19:26:08.975Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "ACE48FBD-2560-4477-ABD2-C90729523BC1", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:beta1:*:*:*:*:*:*", "matchCriteriaId": "97F03C40-6B70-41D1-96CF-DD5F2924D0C5", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:beta2:*:*:*:*:*:*", "matchCriteriaId": "B8F0B6E3-37B8-4780-BB17-D471A7AB7E58", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:beta3:*:*:*:*:*:*", "matchCriteriaId": "445941A9-EE2C-45C0-BCEB-9EC7F9F9439D", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:beta4:*:*:*:*:*:*", "matchCriteriaId": "7C60A84B-E0BC-491B-B6E6-76E658BB91EC", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:beta5:*:*:*:*:*:*", "matchCriteriaId": "035B04BC-C132-4CF6-9FE4-561A4104F392", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "E21DF0C9-16E4-44B0-8749-85F7F245A87A", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "AE6A2723-FAE7-4A87-A2A3-E94D9CC2DCB5", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:rc3:*:*:*:*:*:*", "matchCriteriaId": "37612FE6-C8B7-4925-81F5-ADB82A8F101E", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:rc4:*:*:*:*:*:*", "matchCriteriaId": "92181940-ED5C-442C-82BA-4F0F233FB11B", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.0:rc5:*:*:*:*:*:*", "matchCriteriaId": "28EEF1DB-00C6-4DFC-BB48-C4A308F60DAD", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "67CE3E94-341F-4D0C-937E-39B119925C9A", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.1:rc1:*:*:*:*:*:*", "matchCriteriaId": "5C721635-2801-40E8-B5FE-734054D718D3", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "93F81ACF-615F-4EF5-BD73-74F4010B43D8", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "D773468A-4C2D-4B88-BAB6-C2D892A304C4", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "15ED9311-9E4E-4998-BD99-CDEB8E4F2C74", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.2:rc1:*:*:*:*:*:*", "matchCriteriaId": "815F7045-FC6D-4D57-A7AE-F63B0FC67251", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "56BAE9D7-7A67-40D0-B864-66E76EBA5A84", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "B82FFB08-0FCD-4839-95F4-97C09EB7E921", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "10C54588-265A-4955-8C73-38ADB664EF0D", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "C2D84681-F861-49BE-832F-20EBAD3B60C0", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "2313F843-0F74-4FC9-92A2-1F721BB4C490", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.3:rc1:*:*:*:*:*:*", "matchCriteriaId": "09918CFC-C6A0-45ED-91EA-A4D9295C6CBA", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.3:rc2:*:*:*:*:*:*", "matchCriteriaId": "23E24161-31DB-4739-B16D-B0BDF5151307", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.3:rc3:*:*:*:*:*:*", "matchCriteriaId": "E28DAA35-FBC2-4C87-BC1F-396A0FE86C5C", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "4F5E4B4F-49B7-41CB-803B-47A0081C3112", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "27D37142-F88C-42DE-A0FD-B17AB7981963", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "F1A5BD7C-3491-456A-A333-481977280F5F", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "F7AFBC1D-7357-4A20-BF9D-C5B58155DAAC", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4:rc1:*:*:*:*:*:*", "matchCriteriaId": "C85B74B6-EA5C-43C1-98C4-B09C41D9D8CF", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4:rc2:*:*:*:*:*:*", "matchCriteriaId": "12711E11-F6CF-4A61-83FD-AD3748D7C47B", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4:rc3:*:*:*:*:*:*", "matchCriteriaId": "86E83CDF-E3B5-48A8-B526-67A1618B97AA", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "B9C8B329-AC4C-46E5-BAC3-B2B72C16A453", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "5A81245B-0276-4D51-A3B4-9CC7233C9A44", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "9DC30C27-32BD-42A9-814E-123BD18F416B", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "676BA331-833E-4C8B-A523-2116752567B5", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.5:rc1:*:*:*:*:*:*", "matchCriteriaId": "A7D38CAA-BECD-4FD7-8E42-72CB2B1DC699", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "4F211C14-8E50-4FB7-82EA-FE6975290DE1", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "0698EDFB-D156-4572-9008-0243FA6FD2FC", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.6.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "16350161-9CF1-4AD3-954C-598D249CF962", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.6.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "24EB6F7B-AD3C-42A2-B811-3CF3EEDD8438", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.6.0:rc3:*:*:*:*:*:*", "matchCriteriaId": "7AC55C54-7AD7-49BE-A050-DC6878391208", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.7:*:*:*:*:*:*:*", "matchCriteriaId": "4AA9DBB3-1008-4CC8-B81B-991F286A6C0F", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "1B208EBB-0387-4223-A196-CE142E6B908B", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.7.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "095BF874-0E0B-4F8F-8A11-ED096DD3A824", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.7.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "4067E71D-93A8-4B56-AE4A-FCB6E31577E6", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "9D301553-EF77-4494-A893-FDC12E6A8C16", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "35362678-3960-40E0-BB94-4642F09DDB4F", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "779DEAC5-CBC7-4844-9A2E-97AEB49704EB", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "913D2C84-B987-4DEE-8F9E-0FDF14BECE2E", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "63889FD0-714B-4E02-8F34-00E4857A544A", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:rc3:*:*:*:*:*:*", "matchCriteriaId": "A15B538D-DC9D-46B4-A455-341E8A2831E4", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:rc4:*:*:*:*:*:*", "matchCriteriaId": "8FE32479-5D98-443F-8FA9-F6281726BDF9", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.0:rc5:*:*:*:*:*:*", "matchCriteriaId": "78841A3E-7D56-4737-9815-E1144FD0A44A", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "A6CE8D88-E407-4E9F-8418-E95C16A55358", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "3BDEDE38-79FE-4B21-BE42-E8AA14475AA6", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "CC295454-D897-425C-BFC8-91A72865A132", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.9.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "3830A3E2-09A1-487E-8EFA-27F8B4C61CB4", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.9.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "CAC942FB-83A2-4698-B410-F4C6AED0849A", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.9.0:rc3:*:*:*:*:*:*", "matchCriteriaId": "86ED40AD-0A52-4B4C-B4CA-F8D1A4CAF866", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "B7128AC5-5DD7-4BD3-B14C-4ADA155DD5E7", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.9.2:*:*:*:*:*:*:*", "matchCriteriaId": "FA2C32DA-44CE-4407-84B2-02B0D0474000", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.9.3:*:*:*:*:*:*:*", "matchCriteriaId": "F2B032B5-06AB-4ABE-B51E-DE5C13458C03", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07FC62DE-74D3-42A9-94E8-6DCE62F3D2B6", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.10.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "39E78E52-2AA4-42A5-9CE6-22DF2CF01704", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.10.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "3DF04D4C-DFED-4E71-BA0C-854823BB41CC", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.10.0:rc3:*:*:*:*:*:*", "matchCriteriaId": "518A8882-B1A6-408E-9B39-F01034A50190", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.10.0:rc4:*:*:*:*:*:*", "matchCriteriaId": "2EBBB850-2AE6-4EC1-993F-AD7AF2E80008", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "F33168AF-A3FB-4694-9DC8-CC28A7C3B3E2", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.11.0:*:*:*:*:*:*:*", "matchCriteriaId": "E1075D5D-5F81-4E26-90B0-60659B8D36B6", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.11.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "6880B042-11B1-430F-90A1-70F93FC5BAF2", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.11.0:rc3:*:*:*:*:*:*", "matchCriteriaId": "0F074B06-6788-47AB-8C39-BA5E2E39ACC4", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.11.1:*:*:*:*:*:*:*", "matchCriteriaId": "47805A52-856B-4C30-A04F-0B683FDBE075", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.12:*:*:*:*:*:*:*", "matchCriteriaId": "1ACB7C4A-7CF7-4D57-B65D-741AFA6393EC", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.12.0:*:*:*:*:*:*:*", "matchCriteriaId": "48300C6F-FAF2-4F0A-959F-4B1801AE7D4F", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.12.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "85522E25-E76C-4CCF-AB7C-A74E1703D919", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.12.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "AC3BE912-0B42-416B-A0E2-B17FDF07BAAB", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:1.8.12.0:rc3:*:*:*:*:*:*", "matchCriteriaId": "4FC9C2FB-A77B-4242-B4A1-92112E1C19B2", "vulnerable": true}, {"criteria": "cpe:2.3:a:sangoma:asterisk:*:*:*:*:*:*:*:*", "matchCriteriaId": "9DA237F1-0378-4B8C-9981-B3B47BCB3C50", "versionEndIncluding": "1.8.15.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "33DD2B8E-6AB1-45CD-85F5-E0F5234585BF", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:beta1:*:*:*:*:*:*", "matchCriteriaId": "52BDDAC0-5CEE-4054-8930-EAF25FE528FD", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:beta2:*:*:*:*:*:*", "matchCriteriaId": "1CEB28DD-EAEA-45AF-8D7B-09E93AFABA49", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "12BCF63F-DA77-48A1-861D-F6E710E3CA16", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "AD0D03FF-3FF6-40D0-A78E-CBDEA4FE4F14", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:10.0.0:rc3:*:*:*:*:*:*", "matchCriteriaId": "66666CD2-8921-4641-AD72-21F4386DC731", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:10.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "E55A7B81-4661-4E77-94FE-DA8D6261DC74", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:10.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "0C549DD5-68F9-44FC-92B9-09A0E6F87315", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:10.1.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "51407A8B-AF19-43FA-8D57-A6A35D465D1E", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:10.1.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "911CCAF6-6E29-43B6-AF76-909016CD46ED", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:10.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "964672AE-C840-465E-BE8A-8E19D9C060AF", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:10.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "48827211-8F2F-4801-A5CD-77B07D1DD320", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:10.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "D2463AD2-B341-494C-87AF-73B69B75D162", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:10.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "7B46E218-9EFA-4224-BC5D-1A2F38559E38", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:10.2.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "6F1F43E8-6159-46FA-8BF5-360EA9D466BA", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:10.2.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "F75E0A69-9251-4CE1-9E83-188F0D35DEFC", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:10.2.0:rc3:*:*:*:*:*:*", "matchCriteriaId": "17E6BD3C-B88D-4C80-B77F-2A95767B9A71", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:10.2.0:rc4:*:*:*:*:*:*", "matchCriteriaId": "3AC1C9EC-A84F-401B-BF59-F4938B6A2F59", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:10.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "1E5DACA8-EBD6-4854-A32E-EDBD8C28B3D4", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:10.3:*:*:*:*:*:*:*", "matchCriteriaId": "FCB76519-FD6D-4D74-8DF7-719822588C12", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:10.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "A6AB0DE5-0843-4A7A-A1C9-2FD7924FBEDC", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:10.3.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "335F9C06-5E40-4E14-B018-15151E14414D", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:10.3.0:rc3:*:*:*:*:*:*", "matchCriteriaId": "9E8F15FB-C6B5-4A4F-A7AD-E2BF0162D1DF", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:10.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "BC77FCCF-EE5C-4121-A0AF-B9DC71E72C1A", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:10.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "B1C33423-6093-4DC9-BCFF-77003776373E", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:10.4.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "9DEA8945-9ACD-4CE7-A5E6-5207E16C663E", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:10.4.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "B2A7FC21-74FF-48BF-9BA8-A143FCB2BF3A", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:open_source:10.4.0:rc3:*:*:*:*:*:*", "matchCriteriaId": "C4FCD6B4-ED33-424F-AD30-64227894B0B8", "vulnerable": true}, {"criteria": "cpe:2.3:a:sangoma:asterisk:*:*:*:*:*:*:*:*", "matchCriteriaId": "F6558058-33DA-43F1-9690-5DA11D5CC713", "versionEndIncluding": "10.7.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:asterisk:certified_asterisk:*:cert5:*:*:*:*:*:*", "matchCriteriaId": "345918B8-ABB8-4E60-A3AD-C006AD24FEC4", "versionEndIncluding": "1.8.11", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:certified_asterisk:1.8.11:cert:*:*:*:*:*:*", "matchCriteriaId": "4889B1B5-5160-476E-A1C0-BEAE63C85CEA", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:certified_asterisk:1.8.11:cert1:*:*:*:*:*:*", "matchCriteriaId": "62867AEF-D685-4B1F-8AB9-D1CCAC559821", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:certified_asterisk:1.8.11:cert2:*:*:*:*:*:*", "matchCriteriaId": "F7C792E2-FBBA-4F1D-8842-5E47B4365FBA", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:certified_asterisk:1.8.11:cert3:*:*:*:*:*:*", "matchCriteriaId": "B14F1E15-52B4-4947-83EA-85D535FFB55E", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:certified_asterisk:1.8.11:cert4:*:*:*:*:*:*", "matchCriteriaId": "02461B94-32BA-487E-9E9E-D9B5AAAFF602", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:asterisk:digiumphones:*:*:*:*:*:*:*:*", "matchCriteriaId": "7438E927-F320-4E40-AE4E-F571483A5D2F", "versionEndIncluding": "10.7.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:asterisk:business_edition:*:*:*:*:*:*:*:*", "matchCriteriaId": "94539528-4DD3-4BB6-BFFE-920A3937A665", "versionEndIncluding": "c.3.7.5", "vulnerable": true}, {"criteria": "cpe:2.3:a:asterisk:business_edition:c.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "17D78AA8-AF67-4343-A9B0-EFC63D8CC4BC", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Incomplete blacklist vulnerability in main/manager.c in Asterisk Open Source 1.8.x before 1.8.15.1 and 10.x before 10.7.1, Certified Asterisk 1.8.11 before 1.8.11-cert6, Asterisk Digiumphones 10.x.x-digiumphones before 10.7.1-digiumphones, and Asterisk Business Edition C.3.x before C.3.7.6 allows remote authenticated users to execute arbitrary commands by leveraging originate privileges and providing an ExternalIVR value in an AMI Originate action."}, {"lang": "es", "value": "Vulnerabilidad de lista negra incompleta en main/manager.c en Asterisk Open Source v1.8.x antes de v1.8.15.1 y v10.x antes de v10.7.1, Certified Asterisk v1.8.11-8.1.11 antes de cert6, Digiumphones Asterisk v10.xx-digiumphones antes de v10.7.1-digiumphones y Asterisk Business Edition C.3.x antes de C.3.7.6 permite a usuarios remotos autenticados ejecutar comandos de su elecci\u00f3n aprovech\u00e1ndose de los privilegios de origen y proporcionando un valor ExternalIVR en una acci\u00f3n IAM Originate.\r\n"}], "id": "CVE-2012-2186", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-08-31T14:55:00.950", "references": [{"source": "psirt@us.ibm.com", "tags": ["Patch", "Vendor Advisory"], "url": "http://downloads.asterisk.org/pub/security/AST-2012-012.html"}, {"source": "psirt@us.ibm.com", "url": "http://secunia.com/advisories/50687"}, {"source": "psirt@us.ibm.com", "url": "http://secunia.com/advisories/50756"}, {"source": "psirt@us.ibm.com", "url": "http://www.debian.org/security/2012/dsa-2550"}, {"source": "psirt@us.ibm.com", "url": "http://www.securitytracker.com/id?1027460"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://downloads.asterisk.org/pub/security/AST-2012-012.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/50687"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/50756"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2012/dsa-2550"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1027460"}], "sourceIdentifier": "psirt@us.ibm.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}