Unrated severityNVD Advisory· Published Nov 24, 2014· Updated Jun 17, 2026
CVE-2014-8414
CVE-2014-8414
Description
ConfBridge in Asterisk 11.x before 11.14.1 and Certified Asterisk 11.6 before 11.6-cert8 does not properly handle state changes, which allows remote attackers to cause a denial of service (channel hang and memory consumption) by causing transitions to be delayed, which triggers a state change from hung up to waiting for media.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
11cpe:2.3:a:digium:certified_asterisk:11.6.0:*:*:*:lts:*:*:*+ 7 more
- cpe:2.3:a:digium:certified_asterisk:11.6.0:*:*:*:lts:*:*:*
- cpe:2.3:a:digium:certified_asterisk:11.6:cert1:*:*:lts:*:*:*
- cpe:2.3:a:digium:certified_asterisk:11.6:cert2:*:*:lts:*:*:*
- cpe:2.3:a:digium:certified_asterisk:11.6:cert3:*:*:lts:*:*:*
- cpe:2.3:a:digium:certified_asterisk:11.6:cert4:*:*:lts:*:*:*
- cpe:2.3:a:digium:certified_asterisk:11.6:cert5:*:*:lts:*:*:*
- cpe:2.3:a:digium:certified_asterisk:11.6:cert6:*:*:lts:*:*:*
- cpe:2.3:a:digium:certified_asterisk:11.6:cert7:*:*:lts:*:*:*
- Range: <11.14.1 (Asterisk 11.x); <11.6-cert8 (Certified Asterisk 11.6)
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.