CVE-2022-31002 - OpenCVE

Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Agent library. Prior to version 1.13.8, an attacker can send a message with evil sdp to FreeSWITCH, which may cause a crash. This type of crash may be caused by a URL ending with `%`. Version 1.13.8 contains a patch for this issue.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Debian	Debian Linux
Signalwire	Sofia-sip

Configuration 1 [-]

cpe:2.3:a:signalwire:sofia-sip:*:*:*:*:*:*:*:*

Configuration 2 [-]

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://github.com/freeswitch/sofia-sip/commit/51841eb53679434a386fb2dcbca925dcc48d58ba
https://github.com/freeswitch/sofia-sip/security/advisories/GHSA-g3x6-p824-x6hm
https://lists.debian.org/debian-lts-announce/2022/09/msg00001.html
https://security.gentoo.org/glsa/202210-18
https://www.debian.org/security/2023/dsa-5410

History

No history.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2022-05-31T00:00:00

Updated: 2024-08-03T07:03:40.241Z

Reserved: 2022-05-18T00:00:00

Link: CVE-2022-31002

Vulnrichment

No data.

NVD

Status : Modified

Published: 2022-05-31T19:15:07.717

Modified: 2023-05-24T21:15:10.667

Link: CVE-2022-31002

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-31002", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "dateUpdated": "2024-08-03T07:03:40.241Z", "dateReserved": "2022-05-18T00:00:00", "datePublished": "2022-05-31T00:00:00"}, "containers": {"cna": {"title": "Out-of-bounds Read in Sofia-SIP", "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-05-24T00:00:00"}, "descriptions": [{"lang": "en", "value": "Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Agent library. Prior to version 1.13.8, an attacker can send a message with evil sdp to FreeSWITCH, which may cause a crash. This type of crash may be caused by a URL ending with `%`. Version 1.13.8 contains a patch for this issue."}], "affected": [{"vendor": "freeswitch", "product": "sofia-sip", "versions": [{"version": "< 1.13.8", "status": "affected"}]}], "references": [{"url": "https://github.com/freeswitch/sofia-sip/security/advisories/GHSA-g3x6-p824-x6hm"}, {"url": "https://github.com/freeswitch/sofia-sip/commit/51841eb53679434a386fb2dcbca925dcc48d58ba"}, {"name": "[debian-lts-announce] 20220902 [SECURITY] [DLA 3091-1] sofia-sip security update", "tags": ["mailing-list"], "url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00001.html"}, {"name": "GLSA-202210-18", "tags": ["vendor-advisory"], "url": "https://security.gentoo.org/glsa/202210-18"}, {"name": "DSA-5410", "tags": ["vendor-advisory"], "url": "https://www.debian.org/security/2023/dsa-5410"}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH"}}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-125: Out-of-bounds Read", "cweId": "CWE-125"}]}], "source": {"advisory": "GHSA-g3x6-p824-x6hm", "discovery": "UNKNOWN"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T07:03:40.241Z"}, "title": "CVE Program Container", "references": [{"url": "https://github.com/freeswitch/sofia-sip/security/advisories/GHSA-g3x6-p824-x6hm", "tags": ["x_transferred"]}, {"url": "https://github.com/freeswitch/sofia-sip/commit/51841eb53679434a386fb2dcbca925dcc48d58ba", "tags": ["x_transferred"]}, {"name": "[debian-lts-announce] 20220902 [SECURITY] [DLA 3091-1] sofia-sip security update", "tags": ["mailing-list", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00001.html"}, {"name": "GLSA-202210-18", "tags": ["vendor-advisory", "x_transferred"], "url": "https://security.gentoo.org/glsa/202210-18"}, {"name": "DSA-5410", "tags": ["vendor-advisory", "x_transferred"], "url": "https://www.debian.org/security/2023/dsa-5410"}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:signalwire:sofia-sip:*:*:*:*:*:*:*:*", "matchCriteriaId": "C8062138-09E2-4610-9FFB-037EDC6FA766", "versionEndExcluding": "1.13.8", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Agent library. Prior to version 1.13.8, an attacker can send a message with evil sdp to FreeSWITCH, which may cause a crash. This type of crash may be caused by a URL ending with `%`. Version 1.13.8 contains a patch for this issue."}, {"lang": "es", "value": "Sofia-SIP es una librer\u00eda de agente de usuario del Protocolo de Iniciaci\u00f3n de Sesi\u00f3n (SIP) de c\u00f3digo abierto. En versiones anteriores a 1.13.8, un atacante puede enviar un mensaje con sdp maligno a FreeSWITCH, lo que puede causar un bloqueo. Este tipo de bloqueo puede ser causado por una URL que termine con \"%\". La versi\u00f3n 1.13.8 contiene un parche para este problema"}], "id": "CVE-2022-31002", "lastModified": "2023-05-24T21:15:10.667", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2022-05-31T19:15:07.717", "references": [{"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/freeswitch/sofia-sip/commit/51841eb53679434a386fb2dcbca925dcc48d58ba"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://github.com/freeswitch/sofia-sip/security/advisories/GHSA-g3x6-p824-x6hm"}, {"source": "security-advisories@github.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00001.html"}, {"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/202210-18"}, {"source": "security-advisories@github.com", "url": "https://www.debian.org/security/2023/dsa-5410"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-125"}], "source": "security-advisories@github.com", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-125"}], "source": "nvd@nist.gov", "type": "Secondary"}]}