How severe is CVE-2019-13161?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.3 out of 10.

What type of vulnerability is CVE-2019-13161?

This is classified as CWE-476, which is a common weakness in software security.

CVE-2019-13161

MEDIUM Year: 2019

CVSS v3 Score

5.3

Medium

CVSS v2 Score

3.5

Low

Weakness Type

CWE-476

View all →

Vulnerability Description

An issue was discovered in Asterisk Open Source through 13.27.0, 14.x and 15.x through 15.7.2, and 16.x through 16.4.0, and Certified Asterisk through 13.21-cert3. A pointer dereference in chan_sip while handling SDP negotiation allows an attacker to crash Asterisk when handling an SDP answer to an outgoing T.38 re-invite. To exploit this vulnerability an attacker must cause the chan_sip module to send a T.38 re-invite request to them. Upon receipt, the attacker must send an SDP answer containing both a T.38 UDPTL stream and another media stream containing only a codec (which is not permitted according to the chan_sip configuration).

CVE-2017-1000360

MEDIUM

CVSS:5.3(Medium)

StreamCorruptedException and NullPointerException in OpenDaylight odl-mdsal-xsql. Controller launches exceptions in the console. Component: OpenDaylight odl-mdsal-xsql is vulnerable to this flaw. Vers...

CWE-4762017

CVE-2017-17251

MEDIUM

CVSS:5.3(Medium)

Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, ...

CWE-4762017

CVE-2017-18658

MEDIUM

CVSS:5.3(Medium)

An issue was discovered on Samsung mobile devices with M(6.0) software. The multiwindow_facade API allows attackers to cause a NullPointerException and system halt via an attempted screen touch of a n...

CWE-4762017

CVE-2018-0833

MEDIUM

CVSS:5.3(Medium)

The Microsoft Server Message Block 2.0 and 3.0 (SMBv2/SMBv3) client in Windows 8.1 and RT 8.1 and Windows Server 2012 R2 allows a denial of service vulnerability due to how specially crafted requests ...

CWE-4762018

CVE-2018-3841

MEDIUM

CVSS:5.3(Medium)

A denial-of-service vulnerability exists in the Pixar Renderman IT Display Service 21.6 (0x69). The vulnerability is present in the parsing of a network packet without proper validation of the packet....

CWE-4762018

CVE-2019-19722

MEDIUM

CVSS:5.3(Medium)

In Dovecot before 2.3.9.2, an attacker can crash a push-notification driver with a crafted email when push notifications are used, because of a NULL Pointer Dereference. The email must use a group add...

CWE-4762019

CVE-2019-13161

Vulnerability Description

Related Vulnerabilities

CVE-2017-1000360

CVE-2017-17251

CVE-2017-18658

CVE-2018-0833

CVE-2018-3841

CVE-2019-19722