PT-2018-10723 · Dialogic · Dialogic Powermedia Xms

Published

2018-07-03

Updated

2019-10-03

CVE-2018-11639

CVSS v3.1

8.1

High

Vector

AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Dialogic PowerMedia XMS versions prior to 3.5 SU2

Description The issue allows remote attackers to access a user's password in cleartext due to plaintext storage of passwords within cookies in the administrative console. This occurs in the /var/www/xms/application/controllers/verifyLogin.php file.

Recommendations For versions prior to 3.5 SU2, update to version 3.5 SU2 or later to resolve the issue. As a temporary workaround, consider restricting access to the administrative console to minimize the risk of exploitation. Avoid using the password variable in the affected API endpoint until the issue is resolved.

Exploit

Fix

Insufficiently Protected Credentials

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-522

Related Identifiers

CVE-2018-11639

Affected Products

Dialogic Powermedia Xms

PT-2018-10723 · Dialogic · Dialogic Powermedia Xms

CVE-2018-11639

Weakness Enumeration

Related Identifiers

Affected Products

References · 3