6.2
CVE-2016-0321
- EPSS 0.13%
- Veröffentlicht 17.07.2016 22:59:00
- Zuletzt bearbeitet 12.04.2025 10:46:40
- Quelle psirt@us.ibm.com
- Teams Watchlist Login
- Unerledigt Login
IBM Personal Communications (aka PCOMM) 6.x before 6.0.17 and 12.x before 12.0.0.1 does not properly restrict credential extraction, which allows local users to discover passwords by leveraging access to the victim account and executing a PowerShell script.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Personal Communications Version12.0.0
Ibm ≫ Personal Communications Version6.0.0
Ibm ≫ Personal Communications Version6.0.1
Ibm ≫ Personal Communications Version6.0.2
Ibm ≫ Personal Communications Version6.0.3
Ibm ≫ Personal Communications Version6.0.4
Ibm ≫ Personal Communications Version6.0.5
Ibm ≫ Personal Communications Version6.0.6
Ibm ≫ Personal Communications Version6.0.7
Ibm ≫ Personal Communications Version6.0.8
Ibm ≫ Personal Communications Version6.0.9
Ibm ≫ Personal Communications Version6.0.10
Ibm ≫ Personal Communications Version6.0.11
Ibm ≫ Personal Communications Version6.0.12
Ibm ≫ Personal Communications Version6.0.13
Ibm ≫ Personal Communications Version6.0.14
Ibm ≫ Personal Communications Version6.0.15
Ibm ≫ Personal Communications Version6.0.16
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.13% | 0.297 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.2 | 2.5 | 3.6 |
CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| nvd@nist.gov | 2.1 | 3.9 | 2.9 |
AV:L/AC:L/Au:N/C:P/I:N/A:N
|
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.