Cleartext Storage of User Passwords in Dialogic PowerMedia XMS Administrative Console

Cleartext Storage of User Passwords in Dialogic PowerMedia XMS Administrative Console

CVE-2018-11634 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

Plaintext Storage of Passwords in the administrative console in Dialogic PowerMedia XMS before 3.5 SU2 allows local users to access the web application's user passwords in cleartext by reading /var/www/xms/xmsdb/default.db.

Learn more about our Web App Pen Testing.