CyberSec.Space Logo
Back to CVE Browser

CVE-2014-8413

HIGH
7.5
CVSS Severity Score
EPSS Score0.0760%
EPSS Percentile41.63th
PublishedNov 24, 2014
Last ModifiedMay 6, 2026

Vulnerability Description

The res_pjsip_acl module in Asterisk Open Source 12.x before 12.7.1 and 13.x before 13.0.1 does not properly create and load ACLs defined in pjsip.conf at startup, which allows remote attackers to bypass intended PJSIP ACL rules.

Affected Platforms (CPE)

📦
Digium

Asterisk

>= 12.0.0 and < 12.7.1
📦
Digium

Asterisk

>= 13.0.0 and < 13.0.1

References & Advisories

🔗 http://downloads.asterisk.org/pub/security/AST-2014-013.html
🔗 http://downloads.asterisk.org/pub/security/AST-2014-013.html

Related Vulnerabilities

CVE-2026-53430

Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in elixir-grpc grpc (GRPC.Compressor.Gzip, GRPC.Mes...

CVE-2026-48854

Allocation of Resources Without Limits or Throttling vulnerability in elixir-grpc grpc allows unauthenticated attackers to exhaust...

CVE-2026-48853

Deserialization of Untrusted Data and Allocation of Resources Without Limits or Throttling vulnerabilities in elixir-grpc grpc all...

CVE-2026-487237.8

The browserstack-cypress-cli is BrowserStack's CLI which allows users to run Cypress tests on BrowserStack. Versions prior to 1.36...