CVE-2016-0321

MEDIUM

IBM Personal Communications <6.0.17-12.0.0.1 - Info Disclosure

Title source: llm

Description

IBM Personal Communications (aka PCOMM) 6.x before 6.0.17 and 12.x before 12.0.0.1 does not properly restrict credential extraction, which allows local users to discover passwords by leveraging access to the victim account and executing a PowerShell script.

References (3)

Scores

CVSS v3 6.2
EPSS 0.0013
EPSS Percentile 32.8%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Classification

CWE
CWE-200
Status draft

Affected Products (18)

ibm/personal_communications
ibm/personal_communications
ibm/personal_communications
ibm/personal_communications
ibm/personal_communications
ibm/personal_communications
ibm/personal_communications
ibm/personal_communications
ibm/personal_communications
ibm/personal_communications
ibm/personal_communications
ibm/personal_communications
ibm/personal_communications
ibm/personal_communications
ibm/personal_communications
... and 3 more

Timeline

Published Jul 17, 2016
Tracked Since Feb 18, 2026