Credential Extraction Vulnerability in IBM Personal Communications (PCOMM) 6.x and 12.x

Credential Extraction Vulnerability in IBM Personal Communications (PCOMM) 6.x and 12.x

CVE-2016-0321 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

IBM Personal Communications (aka PCOMM) 6.x before 6.0.17 and 12.x before 12.0.0.1 does not properly restrict credential extraction, which allows local users to discover passwords by leveraging access to the victim account and executing a PowerShell script.

Learn more about our User Device Pen Test.