6.2
CVE-2016-0321
- EPSS 0.13%
- Published 17.07.2016 22:59:00
- Last modified 12.04.2025 10:46:40
- Source psirt@us.ibm.com
- Teams watchlist Login
- Open Login
IBM Personal Communications (aka PCOMM) 6.x before 6.0.17 and 12.x before 12.0.0.1 does not properly restrict credential extraction, which allows local users to discover passwords by leveraging access to the victim account and executing a PowerShell script.
Data is provided by the National Vulnerability Database (NVD)
Ibm ≫ Personal Communications Version12.0.0
Ibm ≫ Personal Communications Version6.0.0
Ibm ≫ Personal Communications Version6.0.1
Ibm ≫ Personal Communications Version6.0.2
Ibm ≫ Personal Communications Version6.0.3
Ibm ≫ Personal Communications Version6.0.4
Ibm ≫ Personal Communications Version6.0.5
Ibm ≫ Personal Communications Version6.0.6
Ibm ≫ Personal Communications Version6.0.7
Ibm ≫ Personal Communications Version6.0.8
Ibm ≫ Personal Communications Version6.0.9
Ibm ≫ Personal Communications Version6.0.10
Ibm ≫ Personal Communications Version6.0.11
Ibm ≫ Personal Communications Version6.0.12
Ibm ≫ Personal Communications Version6.0.13
Ibm ≫ Personal Communications Version6.0.14
Ibm ≫ Personal Communications Version6.0.15
Ibm ≫ Personal Communications Version6.0.16
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.13% | 0.297 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 6.2 | 2.5 | 3.6 |
CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| nvd@nist.gov | 2.1 | 3.9 | 2.9 |
AV:L/AC:L/Au:N/C:P/I:N/A:N
|
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.