CyberSec.Space Logo
Back to CVE Browser

CVE-2012-2414

MEDIUM
6.5
CVSS Severity Score
EPSS Score0.0610%
EPSS Percentile43.24th
PublishedApr 30, 2012
Last ModifiedApr 29, 2026

Vulnerability Description

main/manager.c in the Manager Interface in Asterisk Open Source 1.6.2.x before 1.6.2.24, 1.8.x before 1.8.11.1, and 10.x before 10.3.1 and Asterisk Business Edition C.3.x before C.3.7.4 does not properly enforce System class authorization requirements, which allows remote authenticated users to execute arbitrary commands via (1) the originate action in the MixMonitor application, (2) the SHELL and EVAL functions in the GetVar manager action, or (3) the SHELL and EVAL functions in the Status manager action.

Affected Platforms (CPE)

📦
Asterisk

Open Source

= 1.6.2.0
📦
Asterisk

Open Source

= 1.6.2.0
📦
Asterisk

Open Source

= 1.6.2.0
📦
Asterisk

Open Source

= 1.6.2.0
📦
Asterisk

Open Source

= 1.6.2.0
📦
Asterisk

Open Source

= 1.6.2.0
📦
Asterisk

Open Source

= 1.6.2.0
📦
Asterisk

Open Source

= 1.6.2.0
📦
Asterisk

Open Source

= 1.6.2.1
📦
Asterisk

Open Source

= 1.6.2.1
📦
Asterisk

Open Source

= 1.6.2.2
📦
Asterisk

Open Source

= 1.6.2.3
📦
Asterisk

Open Source

= 1.6.2.4
📦
Asterisk

Open Source

= 1.6.2.5
📦
Asterisk

Open Source

= 1.6.2.6
📦
Asterisk

Open Source

= 1.6.2.6
📦
Asterisk

Open Source

= 1.6.2.6
📦
Asterisk

Open Source

= 1.6.2.7
📦
Asterisk

Open Source

= 1.6.2.7
📦
Asterisk

Open Source

= 1.6.2.7
📦
Asterisk

Open Source

= 1.6.2.7
📦
Asterisk

Open Source

= 1.6.2.8
📦
Asterisk

Open Source

= 1.6.2.8
📦
Asterisk

Open Source

= 1.6.2.9
📦
Asterisk

Open Source

= 1.6.2.9
📦
Asterisk

Open Source

= 1.6.2.9
📦
Asterisk

Open Source

= 1.6.2.9
📦
Asterisk

Open Source

= 1.6.2.10
📦
Asterisk

Open Source

= 1.6.2.10
📦
Asterisk

Open Source

= 1.6.2.10
📦
Asterisk

Open Source

= 1.6.2.11
📦
Asterisk

Open Source

= 1.6.2.11
📦
Asterisk

Open Source

= 1.6.2.11
📦
Asterisk

Open Source

= 1.6.2.12
📦
Asterisk

Open Source

= 1.6.2.12
📦
Asterisk

Open Source

= 1.6.2.13
📦
Asterisk

Open Source

= 1.6.2.14
📦
Asterisk

Open Source

= 1.6.2.14
📦
Asterisk

Open Source

= 1.6.2.15
📦
Asterisk

Open Source

= 1.6.2.15
📦
Asterisk

Open Source

= 1.6.2.15.1
📦
Asterisk

Open Source

= 1.6.2.16
📦
Asterisk

Open Source

= 1.6.2.16
📦
Asterisk

Open Source

= 1.6.2.16.1
📦
Asterisk

Open Source

= 1.6.2.16.2
📦
Asterisk

Open Source

= 1.6.2.17
📦
Asterisk

Open Source

= 1.6.2.17
📦
Asterisk

Open Source

= 1.6.2.17
📦
Asterisk

Open Source

= 1.6.2.17
📦
Asterisk

Open Source

= 1.6.2.17.1
📦
Asterisk

Open Source

= 1.6.2.17.2
📦
Asterisk

Open Source

= 1.6.2.17.3
📦
Asterisk

Open Source

= 1.6.2.18
📦
Asterisk

Open Source

= 1.6.2.18
📦
Asterisk

Open Source

= 1.6.2.18.1
📦
Asterisk

Open Source

= 1.6.2.18.2
📦
Asterisk

Open Source

= 1.6.2.19
📦
Asterisk

Open Source

= 1.6.2.19
📦
Asterisk

Open Source

= 1.6.2.20
📦
Asterisk

Open Source

= 1.6.2.21
📦
Asterisk

Open Source

= 1.6.2.22
📦
Asterisk

Open Source

= 1.6.2.23
📦
Asterisk

Open Source

= 1.8.0
📦
Asterisk

Open Source

= 1.8.0
📦
Asterisk

Open Source

= 1.8.0
📦
Asterisk

Open Source

= 1.8.0
📦
Asterisk

Open Source

= 1.8.0
📦
Asterisk

Open Source

= 1.8.0
📦
Asterisk

Open Source

= 1.8.0
📦
Asterisk

Open Source

= 1.8.0
📦
Asterisk

Open Source

= 1.8.0
📦
Asterisk

Open Source

= 1.8.0
📦
Asterisk

Open Source

= 1.8.1
📦
Asterisk

Open Source

= 1.8.1
📦
Asterisk

Open Source

= 1.8.1.1
📦
Asterisk

Open Source

= 1.8.1.2
📦
Asterisk

Open Source

= 1.8.2
📦
Asterisk

Open Source

= 1.8.2
📦
Asterisk

Open Source

= 1.8.2.1
📦
Asterisk

Open Source

= 1.8.2.2
📦
Asterisk

Open Source

= 1.8.2.3
📦
Asterisk

Open Source

= 1.8.2.4
📦
Asterisk

Open Source

= 1.8.3
📦
Asterisk

Open Source

= 1.8.3
📦
Asterisk

Open Source

= 1.8.3
📦
Asterisk

Open Source

= 1.8.3
📦
Asterisk

Open Source

= 1.8.3.1
📦
Asterisk

Open Source

= 1.8.3.2
📦
Asterisk

Open Source

= 1.8.3.3
📦
Asterisk

Open Source

= 1.8.4
📦
Asterisk

Open Source

= 1.8.4
📦
Asterisk

Open Source

= 1.8.4
📦
Asterisk

Open Source

= 1.8.4
📦
Asterisk

Open Source

= 1.8.4.1
📦
Asterisk

Open Source

= 1.8.4.2
📦
Asterisk

Open Source

= 1.8.4.3
📦
Asterisk

Open Source

= 1.8.4.4
📦
Asterisk

Open Source

= 1.8.5
📦
Asterisk

Open Source

= 1.8.5.0
📦
Asterisk

Open Source

= 1.8.6.0
📦
Asterisk

Open Source

= 1.8.6.0
📦
Asterisk

Open Source

= 1.8.6.0
📦
Asterisk

Open Source

= 1.8.6.0
📦
Asterisk

Open Source

= 1.8.7.0
📦
Asterisk

Open Source

= 1.8.7.0
📦
Asterisk

Open Source

= 1.8.7.0
📦
Asterisk

Open Source

= 1.8.7.1
📦
Asterisk

Open Source

= 1.8.7.2
📦
Asterisk

Open Source

= 1.8.8.0
📦
Asterisk

Open Source

= 1.8.8.0
📦
Asterisk

Open Source

= 1.8.8.0
📦
Asterisk

Open Source

= 1.8.8.0
📦
Asterisk

Open Source

= 1.8.8.0
📦
Asterisk

Open Source

= 1.8.8.0
📦
Asterisk

Open Source

= 1.8.8.1
📦
Asterisk

Open Source

= 1.8.8.2
📦
Asterisk

Open Source

= 1.8.9.0
📦
Asterisk

Open Source

= 1.8.9.0
📦
Asterisk

Open Source

= 1.8.9.0
📦
Asterisk

Open Source

= 1.8.9.0
📦
Asterisk

Open Source

= 1.8.9.1
📦
Asterisk

Open Source

= 1.8.9.2
📦
Asterisk

Open Source

= 1.8.9.3
📦
Asterisk

Open Source

= 1.8.10.0
📦
Asterisk

Open Source

= 1.8.10.0
📦
Asterisk

Open Source

= 1.8.10.0
📦
Asterisk

Open Source

= 1.8.10.0
📦
Asterisk

Open Source

= 1.8.10.0
📦
Asterisk

Open Source

= 1.8.10.1
📦
Asterisk

Open Source

= 1.8.11.0
📦
Asterisk

Open Source

= 1.8.11.0
📦
Asterisk

Open Source

= 10.0.0
📦
Asterisk

Open Source

= 10.0.0
📦
Asterisk

Open Source

= 10.0.0
📦
Asterisk

Open Source

= 10.0.0
📦
Asterisk

Open Source

= 10.0.0
📦
Asterisk

Open Source

= 10.0.0
📦
Asterisk

Open Source

= 10.0.1
📦
Asterisk

Open Source

= 10.1.0
📦
Asterisk

Open Source

= 10.1.0
📦
Asterisk

Open Source

= 10.1.0
📦
Asterisk

Open Source

= 10.1.1
📦
Asterisk

Open Source

= 10.1.2
📦
Asterisk

Open Source

= 10.1.3
📦
Asterisk

Open Source

= 10.2.0
📦
Asterisk

Open Source

= 10.2.0
📦
Asterisk

Open Source

= 10.2.0
📦
Asterisk

Open Source

= 10.2.0
📦
Asterisk

Open Source

= 10.2.0
📦
Asterisk

Open Source

= 10.2.1
📦
Asterisk

Open Source

= 10.3.0
📦
Asterisk

Open Source

= 10.3.0
📦
Asterisk

Open Source

= 10.3.0

References & Advisories

🔗 http://downloads.asterisk.org/pub/security/AST-2012-004.html
🔗 http://lists.fedoraproject.org/pipermail/package-announce/2012-May/079759.html
🔗 http://osvdb.org/81454
🔗 http://secunia.com/advisories/48891
🔗 http://secunia.com/advisories/48941
🔗 http://www.debian.org/security/2012/dsa-2460
🔗 http://www.securityfocus.com/bid/53206
🔗 http://www.securitytracker.com/id?1026961

Related Vulnerabilities

CVE-2026-4720810.0

vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, VM2 suffers from a sandbox breakout vulnerability. This all...

CVE-2026-4714010.0

vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, NodeVM blocks several dangerous Node.js builtins such as mo...

CVE-2026-4713710.0

vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, the fix for GHSA-8hg8-63c5-gwmx (CVE-2023-37903) introduced...

CVE-2026-4713110.0

vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, by combining Buffer.call.call({}.__lookupGetter__, Buffer, ...