CVE-2014-4047

CVE Database · CVE-2014-4047

CVE-2014-4047

· N/AModified

CVSS v3.1

N/A

EPSS

4.91%

Published

Jun 17, 2014

Modified

May 6, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Asterisk Open Source 1.8.x before 1.8.28.1, 11.x before 11.10.1, and 12.x before 12.3.1 and Certified Asterisk 1.8.15 before 1.8.15-cert6 and 11.6 before 11.6-cert3 allows remote attackers to cause a denial of service (connection consumption) via a large number of (1) inactive or (2) incomplete HTTP connections.

Affected Products (217)

digium · certified_asteriskvulnerable

digium · asteriskvulnerable

References (6)

http://downloads.asterisk.org/pub/security/AST-2014-007.html

PatchVendor Advisory

http://packetstormsecurity.com/files/127089/Asterisk-Project-Security-Advisory-AST-2014-007.html

http://www.securityfocus.com/archive/1/532415/100/0/threaded

http://downloads.asterisk.org/pub/security/AST-2014-007.html

PatchVendor Advisory

http://packetstormsecurity.com/files/127089/Asterisk-Project-Security-Advisory-AST-2014-007.html

http://www.securityfocus.com/archive/1/532415/100/0/threaded

KEV Catalog EPSS Scores Vendors All CVEs

digium · asteriskvulnerable