HomeAsteriskCVE-2013-2264

CVE-2013-2264

UNKNOWN
5.0CVSS
Published: 2013-04-01
Updated: 2025-04-11
AI Analysis

Description

The SIP channel driver in Asterisk Open Source 1.8.x before 1.8.20.2, 10.x before 10.12.2, and 11.x before 11.2.2; Certified Asterisk 1.8.15 before 1.8.15-cert2; Asterisk Business Edition (BE) C.3.x before C.3.8.1; and Asterisk Digiumphones 10.x-digiumphones before 10.12.2-digiumphones exhibits different behavior for invalid INVITE, SUBSCRIBE, and REGISTER transactions depending on whether the user account exists, which allows remote attackers to enumerate account names by (1) reading HTTP status codes, (2) reading additional text in a 403 (aka Forbidden) response, or (3) observing whether certain retransmissions occur.

CVSS Metrics

Vector
AV:N/AC:L/Au:N/C:P/I:N/A:N
Access Vector
network
Access Cmplx
low
Auth
none
Confidentiality
partial
Integrity
none
Availability
none
Weaknesses
CWE-200

Metadata

Primary Vendor
ASTERISK
Published
4/1/2013
Last Modified
4/11/2025
Source
NIST NVD
Note: Verify all details with official vendor sources before applying patches.

Affected Products

asterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : open_sourceasterisk : certified_asteriskasterisk : certified_asteriskasterisk : certified_asteriskasterisk : certified_asteriskasterisk : certified_asteriskasterisk : certified_asteriskasterisk : business_editionasterisk : business_editionasterisk : business_editionasterisk : digiumphonesasterisk : digiumphonesasterisk : digiumphonesasterisk : digiumphonesasterisk : digiumphonesasterisk : digiumphonesasterisk : digiumphonesasterisk : digiumphonesasterisk : digiumphonesasterisk : digiumphonesasterisk : digiumphonesasterisk : digiumphonesasterisk : digiumphonesasterisk : digiumphonesasterisk : digiumphonesasterisk : digiumphonesasterisk : digiumphonesasterisk : digiumphonesasterisk : digiumphonesasterisk : digiumphonesasterisk : digiumphonesasterisk : digiumphonesasterisk : digiumphonesasterisk : digiumphonesasterisk : digiumphonesasterisk : digiumphonesasterisk : digiumphonesasterisk : digiumphonesasterisk : digiumphonesasterisk : digiumphonesasterisk : digiumphonesasterisk : digiumphonesasterisk : digiumphonesasterisk : digiumphonesasterisk : digiumphonesasterisk : digiumphonesasterisk : digiumphonesasterisk : digiumphonesasterisk : digiumphonesasterisk : digiumphonesasterisk : digiumphonesasterisk : digiumphonesasterisk : digiumphonesasterisk : digiumphones

AI-Powered Remediation

Generate remediation guidance or a C-suite brief for this vulnerability.

Executive Intelligence Brief

View on NIST NVD
CVE-CVE-2013-2264 | UNKNOWN Severity | CVEDatabase.com | CVEDatabase.com