VYPR
Unrated severityNVD Advisory· Published Nov 24, 2014· Updated Jun 17, 2026

CVE-2014-8414

CVE-2014-8414

Description

ConfBridge in Asterisk 11.x before 11.14.1 and Certified Asterisk 11.6 before 11.6-cert8 does not properly handle state changes, which allows remote attackers to cause a denial of service (channel hang and memory consumption) by causing transitions to be delayed, which triggers a state change from hung up to waiting for media.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

11
  • cpe:2.3:a:digium:asterisk:*:*:*:*:lts:*:*:*
    Range: <=11.14.0
  • cpe:2.3:a:digium:certified_asterisk:11.6.0:*:*:*:lts:*:*:*+ 7 more
    • cpe:2.3:a:digium:certified_asterisk:11.6.0:*:*:*:lts:*:*:*
    • cpe:2.3:a:digium:certified_asterisk:11.6:cert1:*:*:lts:*:*:*
    • cpe:2.3:a:digium:certified_asterisk:11.6:cert2:*:*:lts:*:*:*
    • cpe:2.3:a:digium:certified_asterisk:11.6:cert3:*:*:lts:*:*:*
    • cpe:2.3:a:digium:certified_asterisk:11.6:cert4:*:*:lts:*:*:*
    • cpe:2.3:a:digium:certified_asterisk:11.6:cert5:*:*:lts:*:*:*
    • cpe:2.3:a:digium:certified_asterisk:11.6:cert6:*:*:lts:*:*:*
    • cpe:2.3:a:digium:certified_asterisk:11.6:cert7:*:*:lts:*:*:*
  • Range: <11.14.1 (Asterisk 11.x); <11.6-cert8 (Certified Asterisk 11.6)
  • Range: <11.14.1 (11.x); <11.6-cert8 (Certified 11.6)

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.