CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-11639

Plaintext Storage of Passwords within Cookies in /var/www/xms/application/controllers/verifyLogin.php in the administrative console in Dialogic PowerMedia XMS before 3.5 SU2 allows remote attackers to access a user's password in cleartext.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 63.8%

CVSS Severity

CVSS v3 Score 8.1

CVSS v2 Score 4.3

References

https://d3adend.org/blog/?p=1398
https://d3adend.org/blog/?p=1398

Products affected by CVE-2018-11639

Dialogic » Powermedia Xms » Version: 3.5

cpe:2.3:a:dialogic:powermedia_xms:3.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-11639

Products

Pricing

Contact Us