CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-11634

Plaintext Storage of Passwords in the administrative console in Dialogic PowerMedia XMS before 3.5 SU2 allows local users to access the web application's user passwords in cleartext by reading /var/www/xms/xmsdb/default.db.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 16.8%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 2.1

References

https://d3adend.org/blog/?p=1398
https://d3adend.org/blog/?p=1398

Products affected by CVE-2018-11634

Dialogic » Powermedia Xms » Version: 3.5

cpe:2.3:a:dialogic:powermedia_xms:3.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-11634

Products

Pricing

Contact Us