cnvd - cnvd-2016-04113

cnvd-2016-04113

Vulnerability from cnvd

Title: IBM Personal Communications未授权访问漏洞

Description:

IBM Personal Communications是美国IBM公司的一套专用于Microsoft Windows的主机通信和终端仿真软件包，它提供虚拟终端 (VT) 仿真、系统网络体系结构 (SNA）等功能。

IBM Personal Communications 6.0版本至6.0.16版本和12.0版本存在未授权访问漏洞。攻击者可通过运行PowerShell Script利用该漏洞检索用户证书，提取用户密码。

Severity: 中

Patch Name: IBM Personal Communications未授权访问漏洞的补丁

Patch Description:

IBM Personal Communications 6.0版本至6.0.16版本和12.0版本存在未授权访问漏洞。攻击者可通过运行PowerShell Script利用该漏洞检索用户证书，提取用户密码。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

用户可参考如下供应商提供的安全公告获得补丁信息： http://www-01.ibm.com/support/docview.wss?uid=swg21981692

Reference: http://www-01.ibm.com/support/docview.wss?uid=swg21981692

Impacted products

Name
['IBM Personal Communications >=6.0，<=6.0.16', 'IBM Personal Communications 12.0']

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "91751"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-0321"
    }
  },
  "description": "IBM Personal Communications\u662f\u7f8e\u56fdIBM\u516c\u53f8\u7684\u4e00\u5957\u4e13\u7528\u4e8eMicrosoft Windows\u7684\u4e3b\u673a\u901a\u4fe1\u548c\u7ec8\u7aef\u4eff\u771f\u8f6f\u4ef6\u5305\uff0c\u5b83\u63d0\u4f9b\u865a\u62df\u7ec8\u7aef (VT) \u4eff\u771f\u3001\u7cfb\u7edf\u7f51\u7edc\u4f53\u7cfb\u7ed3\u6784 (SNA\uff09\u7b49\u529f\u80fd\u3002\r\n\r\nIBM Personal Communications 6.0\u7248\u672c\u81f36.0.16\u7248\u672c\u548c12.0\u7248\u672c\u5b58\u5728\u672a\u6388\u6743\u8bbf\u95ee\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u8fd0\u884cPowerShell Script\u5229\u7528\u8be5\u6f0f\u6d1e\u68c0\u7d22\u7528\u6237\u8bc1\u4e66\uff0c\u63d0\u53d6\u7528\u6237\u5bc6\u7801\u3002",
  "discovererName": "IBM",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u4f9b\u5e94\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\nhttp://www-01.ibm.com/support/docview.wss?uid=swg21981692",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-04113",
  "openTime": "2016-06-21",
  "patchDescription": "IBM Personal Communications\u662f\u7f8e\u56fdIBM\u516c\u53f8\u7684\u4e00\u5957\u4e13\u7528\u4e8eMicrosoft Windows\u7684\u4e3b\u673a\u901a\u4fe1\u548c\u7ec8\u7aef\u4eff\u771f\u8f6f\u4ef6\u5305\uff0c\u5b83\u63d0\u4f9b\u865a\u62df\u7ec8\u7aef (VT) \u4eff\u771f\u3001\u7cfb\u7edf\u7f51\u7edc\u4f53\u7cfb\u7ed3\u6784 (SNA\uff09\u7b49\u529f\u80fd\u3002\r\n\r\nIBM Personal Communications 6.0\u7248\u672c\u81f36.0.16\u7248\u672c\u548c12.0\u7248\u672c\u5b58\u5728\u672a\u6388\u6743\u8bbf\u95ee\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u8fd0\u884cPowerShell Script\u5229\u7528\u8be5\u6f0f\u6d1e\u68c0\u7d22\u7528\u6237\u8bc1\u4e66\uff0c\u63d0\u53d6\u7528\u6237\u5bc6\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "IBM Personal Communications\u672a\u6388\u6743\u8bbf\u95ee\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "IBM Personal Communications \u003e=6.0\uff0c\u003c=6.0.16",
      "IBM Personal Communications  12.0"
    ]
  },
  "referenceLink": "http://www-01.ibm.com/support/docview.wss?uid=swg21981692",
  "serverity": "\u4e2d",
  "submitTime": "2016-06-18",
  "title": "IBM Personal Communications\u672a\u6388\u6743\u8bbf\u95ee\u6f0f\u6d1e"
}

CVE-2016-0321 (GCVE-0-2016-0321)

Vulnerability from cvelistv5

Published

2016-07-17 22:00

Modified

2024-08-05 22:15

Severity ?

CWE

Summary

IBM Personal Communications (aka PCOMM) 6.x before 6.0.17 and 12.x before 12.0.0.1 does not properly restrict credential extraction, which allows local users to discover passwords by leveraging access to the victim account and executing a PowerShell script.

References

▼	URL	Tags
	http://www-01.ibm.com/support/docview.wss?uid=swg21981692	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/91751	vdb-entry, x_refsource_BID
	http://www-01.ibm.com/support/docview.wss?uid=swg1IT12006	vendor-advisory, x_refsource_AIXAPAR

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T22:15:23.548Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21981692"
          },
          {
            "name": "91751",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/91751"
          },
          {
            "name": "IT12006",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT12006"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-07-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM Personal Communications (aka PCOMM) 6.x before 6.0.17 and 12.x before 12.0.0.1 does not properly restrict credential extraction, which allows local users to discover passwords by leveraging access to the victim account and executing a PowerShell script."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-11-25T19:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21981692"
        },
        {
          "name": "91751",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/91751"
        },
        {
          "name": "IT12006",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT12006"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2016-0321",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM Personal Communications (aka PCOMM) 6.x before 6.0.17 and 12.x before 12.0.0.1 does not properly restrict credential extraction, which allows local users to discover passwords by leveraging access to the victim account and executing a PowerShell script."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21981692",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21981692"
            },
            {
              "name": "91751",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/91751"
            },
            {
              "name": "IT12006",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT12006"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2016-0321",
    "datePublished": "2016-07-17T22:00:00",
    "dateReserved": "2015-12-08T00:00:00",
    "dateUpdated": "2024-08-05T22:15:23.548Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted