CVE-2018-11640

Name of the Vulnerable Software and Affected Versions Dialogic PowerMedia XMS versions prior to 3.5 SU2

Description The issue allows remote attackers to read arbitrary files or cause a denial of service due to resource consumption. This is related to an XML External Entity (XXE) vulnerability in the web service.

Recommendations For versions prior to 3.5 SU2, update to version 3.5 SU2 or later to resolve the issue. As a temporary workaround, consider restricting access to the web service to minimize the risk of exploitation.