CVE-2012-2186

NONE EPSS 87.9%
Published Aug 31, 201213y ago · Modified Jun 16, 20262w ago
Find Similar
Published Aug 31, 2012 13y ago
Last Modified Jun 16, 2026 2w ago

Description

Incomplete blacklist vulnerability in main/manager.c in Asterisk Open Source 1.8.x before 1.8.15.1 and 10.x before 10.7.1, Certified Asterisk 1.8.11 before 1.8.11-cert6, Asterisk Digiumphones 10.x.x-digiumphones before 10.7.1-digiumphones, and Asterisk Business Edition C.3.x before C.3.7.6 allows remote authenticated users to execute arbitrary commands by leveraging originate privileges and providing an ExternalIVR value in an AMI Originate action.

Threat Intelligence

EPSS Exploit Probability
87.9% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 117

VendorProductVersionRange
asteriskopen_source1.8.0any
asteriskopen_source1.8.0any
asteriskopen_source1.8.0any
asteriskopen_source1.8.0any
asteriskopen_source1.8.0any
asteriskopen_source1.8.0any
asteriskopen_source1.8.0any
asteriskopen_source1.8.0any
asteriskopen_source1.8.0any
asteriskopen_source1.8.0any
asteriskopen_source1.8.0any
asteriskopen_source1.8.1any
asteriskopen_source1.8.1any
asteriskopen_source1.8.1.1any
asteriskopen_source1.8.1.2any
asteriskopen_source1.8.2any
asteriskopen_source1.8.2any
asteriskopen_source1.8.2.1any
asteriskopen_source1.8.2.2any
asteriskopen_source1.8.2.3any
asteriskopen_source1.8.2.4any
asteriskopen_source1.8.3any
asteriskopen_source1.8.3any
asteriskopen_source1.8.3any
asteriskopen_source1.8.3any
asteriskopen_source1.8.3.1any
asteriskopen_source1.8.3.2any
asteriskopen_source1.8.3.3any
asteriskopen_source1.8.4any
asteriskopen_source1.8.4any
asteriskopen_source1.8.4any
asteriskopen_source1.8.4any
asteriskopen_source1.8.4.1any
asteriskopen_source1.8.4.2any
asteriskopen_source1.8.4.3any
asteriskopen_source1.8.4.4any
asteriskopen_source1.8.5any
asteriskopen_source1.8.5.0any
asteriskopen_source1.8.6.0any
asteriskopen_source1.8.6.0any
asteriskopen_source1.8.6.0any
asteriskopen_source1.8.6.0any
asteriskopen_source1.8.7any
asteriskopen_source1.8.7.0any
asteriskopen_source1.8.7.0any
asteriskopen_source1.8.7.0any
asteriskopen_source1.8.7.1any
asteriskopen_source1.8.7.2any
asteriskopen_source1.8.8.0any
asteriskopen_source1.8.8.0any
asteriskopen_source1.8.8.0any
asteriskopen_source1.8.8.0any
asteriskopen_source1.8.8.0any
asteriskopen_source1.8.8.0any
asteriskopen_source1.8.8.1any
asteriskopen_source1.8.8.2any
asteriskopen_source1.8.9.0any
asteriskopen_source1.8.9.0any
asteriskopen_source1.8.9.0any
asteriskopen_source1.8.9.0any
asteriskopen_source1.8.9.1any
asteriskopen_source1.8.9.2any
asteriskopen_source1.8.9.3any
asteriskopen_source1.8.10.0any
asteriskopen_source1.8.10.0any
asteriskopen_source1.8.10.0any
asteriskopen_source1.8.10.0any
asteriskopen_source1.8.10.0any
asteriskopen_source1.8.10.1any
asteriskopen_source1.8.11.0any
asteriskopen_source1.8.11.0any
asteriskopen_source1.8.11.0any
asteriskopen_source1.8.11.1any
asteriskopen_source1.8.12any
asteriskopen_source1.8.12.0any
asteriskopen_source1.8.12.0any
asteriskopen_source1.8.12.0any
asteriskopen_source1.8.12.0any
sangomaasterisk* ≤1.8.15.0
asteriskopen_source10.0.0any
asteriskopen_source10.0.0any
asteriskopen_source10.0.0any
asteriskopen_source10.0.0any
asteriskopen_source10.0.0any
asteriskopen_source10.0.0any
asteriskopen_source10.0.1any
asteriskopen_source10.1.0any
asteriskopen_source10.1.0any
asteriskopen_source10.1.0any
asteriskopen_source10.1.1any
asteriskopen_source10.1.2any
asteriskopen_source10.1.3any
asteriskopen_source10.2.0any
asteriskopen_source10.2.0any
asteriskopen_source10.2.0any
asteriskopen_source10.2.0any
asteriskopen_source10.2.0any
asteriskopen_source10.2.1any
asteriskopen_source10.3any
asteriskopen_source10.3.0any
asteriskopen_source10.3.0any
asteriskopen_source10.3.0any
asteriskopen_source10.3.1any
asteriskopen_source10.4.0any
asteriskopen_source10.4.0any
asteriskopen_source10.4.0any
asteriskopen_source10.4.0any
sangomaasterisk* ≤10.7.0
asteriskcertified_asterisk* ≤1.8.11
asteriskcertified_asterisk1.8.11any
asteriskcertified_asterisk1.8.11any
asteriskcertified_asterisk1.8.11any
asteriskcertified_asterisk1.8.11any
asteriskcertified_asterisk1.8.11any
asteriskdigiumphones* ≤10.7.0
asteriskbusiness_edition* ≤c.3.7.5
asteriskbusiness_editionc.3.0any

References 5

Remediation