CVE-2016-0321

medium

Description

IBM Personal Communications (aka PCOMM) 6.x before 6.0.17 and 12.x before 12.0.0.1 does not properly restrict credential extraction, which allows local users to discover passwords by leveraging access to the victim account and executing a PowerShell script.

References

http://www.securityfocus.com/bid/91751

http://www-01.ibm.com/support/docview.wss?uid=swg21981692

http://www-01.ibm.com/support/docview.wss?uid=swg1IT12006

Details

Source: Mitre, NVD

Published: 2016-07-17

Updated: 2026-05-06

Risk Information

CVSS v2

Base Score: 2.1

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N

Severity: Low

CVSS v3

Base Score: 6.2

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: Medium

EPSS

EPSS: 0.00134