VYPR
Unrated severityNVD Advisory· Published Nov 24, 2014· Updated Jun 17, 2026

CVE-2014-8417

CVE-2014-8417

Description

ConfBridge in Asterisk 11.x before 11.14.1, 12.x before 12.7.1, and 13.x before 13.0.1 and Certified Asterisk 11.6 before 11.6-cert8 allows remote authenticated users to (1) gain privileges via vectors related to an external protocol to the CONFBRIDGE dialplan function or (2) execute arbitrary system commands via a crafted ConfbridgeStartRecord AMI action.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

11
  • cpe:2.3:a:digium:asterisk:*:*:*:*:*:*:*:*
    Range: >=11.0.0,<11.14.1
  • cpe:2.3:a:digium:certified_asterisk:11.6.0:-:*:*:*:*:*:*+ 7 more
    • cpe:2.3:a:digium:certified_asterisk:11.6.0:-:*:*:*:*:*:*
    • cpe:2.3:a:digium:certified_asterisk:11.6:cert1:*:*:*:*:*:*
    • cpe:2.3:a:digium:certified_asterisk:11.6:cert2:*:*:*:*:*:*
    • cpe:2.3:a:digium:certified_asterisk:11.6:cert3:*:*:*:*:*:*
    • cpe:2.3:a:digium:certified_asterisk:11.6:cert4:*:*:*:*:*:*
    • cpe:2.3:a:digium:certified_asterisk:11.6:cert5:*:*:*:*:*:*
    • cpe:2.3:a:digium:certified_asterisk:11.6:cert6:*:*:*:*:*:*
    • cpe:2.3:a:digium:certified_asterisk:11.6:cert7:*:*:*:*:*:*
  • Range: >=11.0, <11.14.1 || >=12.0, <12.7.1 || >=13.0, <13.0.1
  • Range: <11.6-cert8

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.