CVE-2013-2264

NONE EPSS 65.8%
Published Apr 1, 201313y ago · Modified Jun 16, 20262w ago
Find Similar
Published Apr 1, 2013 13y ago
Last Modified Jun 16, 2026 2w ago

Description

The SIP channel driver in Asterisk Open Source 1.8.x before 1.8.20.2, 10.x before 10.12.2, and 11.x before 11.2.2; Certified Asterisk 1.8.15 before 1.8.15-cert2; Asterisk Business Edition (BE) C.3.x before C.3.8.1; and Asterisk Digiumphones 10.x-digiumphones before 10.12.2-digiumphones exhibits different behavior for invalid INVITE, SUBSCRIBE, and REGISTER transactions depending on whether the user account exists, which allows remote attackers to enumerate account names by (1) reading HTTP status codes, (2) reading additional text in a 403 (aka Forbidden) response, or (3) observing whether certain retransmissions occur.

Threat Intelligence

EPSS Exploit Probability
65.8% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor Information Exposure

Affected Products 235

VendorProductVersionRange
asteriskopen_source1.8.0any
asteriskopen_source1.8.0any
asteriskopen_source1.8.0any
asteriskopen_source1.8.0any
asteriskopen_source1.8.0any
asteriskopen_source1.8.0any
asteriskopen_source1.8.0any
asteriskopen_source1.8.0any
asteriskopen_source1.8.0any
asteriskopen_source1.8.0any
asteriskopen_source1.8.1any
asteriskopen_source1.8.1any
asteriskopen_source1.8.1.1any
asteriskopen_source1.8.1.2any
asteriskopen_source1.8.2any
asteriskopen_source1.8.2any
asteriskopen_source1.8.2.1any
asteriskopen_source1.8.2.2any
asteriskopen_source1.8.2.3any
asteriskopen_source1.8.2.4any
asteriskopen_source1.8.3any
asteriskopen_source1.8.3any
asteriskopen_source1.8.3any
asteriskopen_source1.8.3any
asteriskopen_source1.8.3.1any
asteriskopen_source1.8.3.2any
asteriskopen_source1.8.3.3any
asteriskopen_source1.8.4any
asteriskopen_source1.8.4any
asteriskopen_source1.8.4any
asteriskopen_source1.8.4any
asteriskopen_source1.8.4.1any
asteriskopen_source1.8.4.2any
asteriskopen_source1.8.4.3any
asteriskopen_source1.8.4.4any
asteriskopen_source1.8.5any
asteriskopen_source1.8.5.0any
asteriskopen_source1.8.6.0any
asteriskopen_source1.8.6.0any
asteriskopen_source1.8.6.0any
asteriskopen_source1.8.6.0any
asteriskopen_source1.8.7.0any
asteriskopen_source1.8.7.0any
asteriskopen_source1.8.7.0any
asteriskopen_source1.8.7.1any
asteriskopen_source1.8.7.2any
asteriskopen_source1.8.8.0any
asteriskopen_source1.8.8.0any
asteriskopen_source1.8.8.0any
asteriskopen_source1.8.8.0any
asteriskopen_source1.8.8.0any
asteriskopen_source1.8.8.0any
asteriskopen_source1.8.8.1any
asteriskopen_source1.8.8.2any
asteriskopen_source1.8.9.0any
asteriskopen_source1.8.9.0any
asteriskopen_source1.8.9.0any
asteriskopen_source1.8.9.0any
asteriskopen_source1.8.9.1any
asteriskopen_source1.8.9.2any
asteriskopen_source1.8.9.3any
asteriskopen_source1.8.10.0any
asteriskopen_source1.8.10.0any
asteriskopen_source1.8.10.0any
asteriskopen_source1.8.10.0any
asteriskopen_source1.8.10.0any
asteriskopen_source1.8.10.1any
asteriskopen_source1.8.11.0any
asteriskopen_source1.8.11.0any
asteriskopen_source1.8.11.0any
asteriskopen_source1.8.11.1any
asteriskopen_source1.8.12any
asteriskopen_source1.8.12.0any
asteriskopen_source1.8.12.0any
asteriskopen_source1.8.12.0any
asteriskopen_source1.8.12.1any
asteriskopen_source1.8.12.2any
asteriskopen_source1.8.13.0any
asteriskopen_source1.8.13.0any
asteriskopen_source1.8.13.0any
asteriskopen_source1.8.13.1any
asteriskopen_source1.8.14.0any
asteriskopen_source1.8.14.0any
asteriskopen_source1.8.14.0any
asteriskopen_source1.8.14.1any
asteriskopen_source1.8.15.0any
asteriskopen_source1.8.15.0any
asteriskopen_source1.8.15.1any
asteriskopen_source1.8.16.0any
asteriskopen_source1.8.16.0any
asteriskopen_source1.8.16.0any
asteriskopen_source1.8.17.0any
asteriskopen_source1.8.17.0any
asteriskopen_source1.8.17.0any
asteriskopen_source1.8.17.0any
asteriskopen_source1.8.18.0any
asteriskopen_source1.8.18.0any
asteriskopen_source1.8.18.1any
asteriskopen_source1.8.19.0any
asteriskopen_source1.8.19.0any
asteriskopen_source1.8.19.0any
asteriskopen_source1.8.19.1any
asteriskopen_source1.8.20.0any
asteriskopen_source1.8.20.0any
asteriskopen_source1.8.20.0any
asteriskopen_source1.8.20.1any
asteriskopen_source10.0.0any
asteriskopen_source10.0.0any
asteriskopen_source10.0.0any
asteriskopen_source10.0.0any
asteriskopen_source10.0.0any
asteriskopen_source10.0.0any
asteriskopen_source10.0.1any
asteriskopen_source10.1.0any
asteriskopen_source10.1.0any
asteriskopen_source10.1.0any
asteriskopen_source10.1.1any
asteriskopen_source10.1.2any
asteriskopen_source10.1.3any
asteriskopen_source10.2.0any
asteriskopen_source10.2.0any
asteriskopen_source10.2.0any
asteriskopen_source10.2.0any
asteriskopen_source10.2.0any
asteriskopen_source10.2.1any
asteriskopen_source10.3.0any
asteriskopen_source10.3.0any
asteriskopen_source10.3.0any
asteriskopen_source10.3.1any
asteriskopen_source10.4.0any
asteriskopen_source10.4.0any
asteriskopen_source10.4.0any
asteriskopen_source10.4.0any
asteriskopen_source10.4.1any
asteriskopen_source10.4.2any
asteriskopen_source10.5.0any
asteriskopen_source10.5.0any
asteriskopen_source10.5.0any
asteriskopen_source10.5.1any
asteriskopen_source10.5.2any
asteriskopen_source10.6.0any
asteriskopen_source10.6.0any
asteriskopen_source10.6.0any
asteriskopen_source10.6.1any
asteriskopen_source10.7.0any
asteriskopen_source10.7.0any
asteriskopen_source10.7.1any
asteriskopen_source10.8.0any
asteriskopen_source10.8.0any
asteriskopen_source10.8.0any
asteriskopen_source10.9.0any
asteriskopen_source10.9.0any
asteriskopen_source10.9.0any
asteriskopen_source10.9.0any
asteriskopen_source10.10.0any
asteriskopen_source10.10.0any
asteriskopen_source10.10.0any
asteriskopen_source10.10.1any
asteriskopen_source10.11.0any
asteriskopen_source10.11.0any
asteriskopen_source10.11.0any
asteriskopen_source10.11.1any
asteriskopen_source10.12.0any
asteriskopen_source10.12.0any
asteriskopen_source10.12.0any
asteriskopen_source10.12.1any
asteriskopen_source11.0.0any
asteriskopen_source11.0.0any
asteriskopen_source11.0.0any
asteriskopen_source11.0.0any
asteriskopen_source11.0.0any
asteriskopen_source11.0.1any
asteriskopen_source11.0.2any
asteriskopen_source11.1.0any
asteriskopen_source11.1.0any
asteriskopen_source11.1.0any
asteriskopen_source11.1.1any
asteriskopen_source11.1.2any
asteriskopen_source11.2.0any
asteriskopen_source11.2.0any
asteriskopen_source11.2.0any
asteriskopen_source11.2.1any
asteriskcertified_asterisk1.8.15any
asteriskcertified_asterisk1.8.15any
asteriskcertified_asterisk1.8.15any
asteriskcertified_asterisk1.8.15any
asteriskcertified_asterisk1.8.15.0any
asteriskcertified_asterisk1.8.15.0any
asteriskbusiness_editionc.3.2.2any
asteriskbusiness_editionc.3.3any
asteriskbusiness_editionc.3.3.2any
asteriskdigiumphones10.0.0any
asteriskdigiumphones10.0.0any
asteriskdigiumphones10.0.0any
asteriskdigiumphones10.0.0any
asteriskdigiumphones10.0.0any
asteriskdigiumphones10.0.0any
asteriskdigiumphones10.1.0any
asteriskdigiumphones10.1.0any
asteriskdigiumphones10.1.0any
asteriskdigiumphones10.2.0any
asteriskdigiumphones10.2.0any
asteriskdigiumphones10.2.0any
asteriskdigiumphones10.2.0any
asteriskdigiumphones10.2.0any
asteriskdigiumphones10.3.0any
asteriskdigiumphones10.3.0any
asteriskdigiumphones10.3.0any
asteriskdigiumphones10.4.0any
asteriskdigiumphones10.4.0any
asteriskdigiumphones10.4.0any
asteriskdigiumphones10.4.0any
asteriskdigiumphones10.5.0any
asteriskdigiumphones10.5.0any
asteriskdigiumphones10.5.0any
asteriskdigiumphones10.6.0any
asteriskdigiumphones10.6.0any
asteriskdigiumphones10.6.0any
asteriskdigiumphones10.7.0any
asteriskdigiumphones10.7.0any
asteriskdigiumphones10.8.0any
asteriskdigiumphones10.8.0any
asteriskdigiumphones10.8.0any
asteriskdigiumphones10.9.0any
asteriskdigiumphones10.10.0any
asteriskdigiumphones10.10.0any
asteriskdigiumphones10.10.0any
asteriskdigiumphones10.11.0any
asteriskdigiumphones10.11.0any
asteriskdigiumphones10.11.0any
asteriskdigiumphones10.11.0any
asteriskdigiumphones10.12.0any
asteriskdigiumphones10.12.0any
asteriskdigiumphones10.12.0any
asteriskdigiumphones10.12.1any

References 2

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.