Asterisk is an open source private branch exchange and telephony toolkit. After upgrade to 18.23.0, ALL unauthorized SIP requests are identified as PJSIP Endpoint of local asterisk server. This vulnerability is fixed in 18.23.1, 20.8.1, and 21.3.1.
History

Tue, 26 Aug 2025 16:30:00 +0000

Type Values Removed Values Added
First Time appeared Sangoma
Sangoma asterisk
CPEs cpe:2.3:a:sangoma:asterisk:18.23.0:*:*:*:*:*:*:*
cpe:2.3:a:sangoma:asterisk:20.8.0:*:*:*:*:*:*:*
cpe:2.3:a:sangoma:asterisk:21.3.0:*:*:*:*:*:*:*
Vendors & Products Sangoma
Sangoma asterisk

cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2024-08-02T03:07:46.821Z

Reserved: 2024-05-10T14:24:24.341Z

Link: CVE-2024-35190

cve-icon Vulnrichment

Updated: 2024-08-02T03:07:46.821Z

cve-icon NVD

Status : Analyzed

Published: 2024-05-17T17:15:07.067

Modified: 2025-08-26T16:19:01.210

Link: CVE-2024-35190

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2025-07-12T22:44:31Z