Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Plaintext Storage of Passwords in the administrative console in Dialogic PowerMedia XMS before 3.5 SU2 allows local users to access the web application's user passwords in cleartext by reading /var/www/xms/xmsdb/default.db.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Dialogic PowerMedia XMS 管理控制台安全漏洞
Vulnerability Description
Dialogic PowerMedia XMS是美国Dialogic公司的一套用于实时通信的软件多媒体服务器,它能够为IMS、MRF、企业和WebRTC应用程序提供实时多媒体通信解决方案。 Dialogic PowerMedia XMS 3.5 SU2之前版本中的管理控制台存在安全漏洞,该漏洞源于程序将密码存储为明文形式。本地攻击者可通过读取/var/www/xms/xmsdb/default.db文件利用该漏洞访问Web应用程序的明文形式的用户密码。
CVSS Information
N/A
Vulnerability Type
N/A