CVE-2018-11639

2018-07-0317:00:00

mitre

www.cve.org

AI Score

8.2

Confidence

High

EPSS

0.005

Percentile

77.2%

JSON

Plaintext Storage of Passwords within Cookies in /var/www/xms/application/controllers/verifyLogin.php in the administrative console in Dialogic PowerMedia XMS before 3.5 SU2 allows remote attackers to access a user’s password in cleartext.

References

d3adend.org/blog/?p=1398