PT-2016-4145 · Ibm+1 · Ibm Personal Communications+1

Published

2016-07-17

Updated

2016-11-28

CVE-2016-0321

CVSS v3.1

6.2

Medium

Vector

AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions IBM Personal Communications (aka PCOMM) versions 6.x through 6.0.16 IBM Personal Communications (aka PCOMM) versions 12.x through 12.0.0.0

Description The issue allows local users to discover passwords by leveraging access to the victim account and executing a PowerShell script, due to improper restriction of credential extraction.

Recommendations For IBM Personal Communications (aka PCOMM) versions 6.x through 6.0.16, update to version 6.0.17 or later. For IBM Personal Communications (aka PCOMM) versions 12.x through 12.0.0.0, update to version 12.0.0.1 or later.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2016-0321

Affected Products

Ibm Personal Communications

Powershell

PT-2016-4145 · Ibm+1 · Ibm Personal Communications+1

CVE-2016-0321

Weakness Enumeration

Related Identifiers

Affected Products

References · 5