IBM Personal Communications (aka PCOMM) 6.x prior to 6.0.17 and 12.x prior to 12.0.0.1 does not properly restrict credential extraction, which allows local users to discover passwords by leveraging access to the victim account and executing a PowerShell script.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm personal communications 12.0.0 |
||
ibm personal communications 6.0.16 |
||
ibm personal communications 6.0.15 |
||
ibm personal communications 6.0.8 |
||
ibm personal communications 6.0.7 |
||
ibm personal communications 6.0.6 |
||
ibm personal communications 6.0.14 |
||
ibm personal communications 6.0.13 |
||
ibm personal communications 6.0.5 |
||
ibm personal communications 6.0.4 |
||
ibm personal communications 6.0.12 |
||
ibm personal communications 6.0.11 |
||
ibm personal communications 6.0.3 |
||
ibm personal communications 6.0.2 |
||
ibm personal communications 6.0.10 |
||
ibm personal communications 6.0.9 |
||
ibm personal communications 6.0.1 |
||
ibm personal communications 6.0.0 |