AMI Users with “config” permissions may read files outside of Asterisk directory via GetConfig AMI Action even if “live_dangerously" is set to "no"
Created asterisk tracking bugs for this issue:
Affects: epel-8 [bug 2150941]
Affects: fedora-all [bug 2150942]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.