cnvd - cnvd-2016-04113

CNVD-2016-04113

Vulnerability from cnvd - Published: 2016-06-21

Title

IBM Personal Communications未授权访问漏洞

Description

IBM Personal Communications是美国IBM公司的一套专用于Microsoft Windows的主机通信和终端仿真软件包，它提供虚拟终端 (VT) 仿真、系统网络体系结构 (SNA）等功能。 IBM Personal Communications 6.0版本至6.0.16版本和12.0版本存在未授权访问漏洞。攻击者可通过运行PowerShell Script利用该漏洞检索用户证书，提取用户密码。

Severity

中

Patch Name

IBM Personal Communications未授权访问漏洞的补丁

Patch Description

Formal description

用户可参考如下供应商提供的安全公告获得补丁信息： http://www-01.ibm.com/support/docview.wss?uid=swg21981692

Reference

http://www-01.ibm.com/support/docview.wss?uid=swg21981692

Impacted products

Name
['IBM Personal Communications >=6.0，<=6.0.16', 'IBM Personal Communications 12.0']

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "91751"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-0321"
    }
  },
  "description": "IBM Personal Communications\u662f\u7f8e\u56fdIBM\u516c\u53f8\u7684\u4e00\u5957\u4e13\u7528\u4e8eMicrosoft Windows\u7684\u4e3b\u673a\u901a\u4fe1\u548c\u7ec8\u7aef\u4eff\u771f\u8f6f\u4ef6\u5305\uff0c\u5b83\u63d0\u4f9b\u865a\u62df\u7ec8\u7aef (VT) \u4eff\u771f\u3001\u7cfb\u7edf\u7f51\u7edc\u4f53\u7cfb\u7ed3\u6784 (SNA\uff09\u7b49\u529f\u80fd\u3002\r\n\r\nIBM Personal Communications 6.0\u7248\u672c\u81f36.0.16\u7248\u672c\u548c12.0\u7248\u672c\u5b58\u5728\u672a\u6388\u6743\u8bbf\u95ee\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u8fd0\u884cPowerShell Script\u5229\u7528\u8be5\u6f0f\u6d1e\u68c0\u7d22\u7528\u6237\u8bc1\u4e66\uff0c\u63d0\u53d6\u7528\u6237\u5bc6\u7801\u3002",
  "discovererName": "IBM",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u4f9b\u5e94\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\nhttp://www-01.ibm.com/support/docview.wss?uid=swg21981692",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-04113",
  "openTime": "2016-06-21",
  "patchDescription": "IBM Personal Communications\u662f\u7f8e\u56fdIBM\u516c\u53f8\u7684\u4e00\u5957\u4e13\u7528\u4e8eMicrosoft Windows\u7684\u4e3b\u673a\u901a\u4fe1\u548c\u7ec8\u7aef\u4eff\u771f\u8f6f\u4ef6\u5305\uff0c\u5b83\u63d0\u4f9b\u865a\u62df\u7ec8\u7aef (VT) \u4eff\u771f\u3001\u7cfb\u7edf\u7f51\u7edc\u4f53\u7cfb\u7ed3\u6784 (SNA\uff09\u7b49\u529f\u80fd\u3002\r\n\r\nIBM Personal Communications 6.0\u7248\u672c\u81f36.0.16\u7248\u672c\u548c12.0\u7248\u672c\u5b58\u5728\u672a\u6388\u6743\u8bbf\u95ee\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u8fd0\u884cPowerShell Script\u5229\u7528\u8be5\u6f0f\u6d1e\u68c0\u7d22\u7528\u6237\u8bc1\u4e66\uff0c\u63d0\u53d6\u7528\u6237\u5bc6\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "IBM Personal Communications\u672a\u6388\u6743\u8bbf\u95ee\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "IBM Personal Communications \u003e=6.0\uff0c\u003c=6.0.16",
      "IBM Personal Communications  12.0"
    ]
  },
  "referenceLink": "http://www-01.ibm.com/support/docview.wss?uid=swg21981692",
  "serverity": "\u4e2d",
  "submitTime": "2016-06-18",
  "title": "IBM Personal Communications\u672a\u6388\u6743\u8bbf\u95ee\u6f0f\u6d1e"
}

CVE-2016-0321 (GCVE-0-2016-0321)

Vulnerability from cvelistv5 – Published: 2016-07-17 22:00 – Updated: 2024-08-05 22:15

Summary

IBM Personal Communications (aka PCOMM) 6.x before 6.0.17 and 12.x before 12.0.0.1 does not properly restrict credential extraction, which allows local users to discover passwords by leveraging access to the victim account and executing a PowerShell script.

Severity ?

No CVSS data available.

CWE

Assigner

ibm

References

URL

Tags

	http://www-01.ibm.com/support/docview.wss?uid=swg…	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/91751	vdb-entryx_refsource_BID
	http://www-01.ibm.com/support/docview.wss?uid=swg…	vendor-advisoryx_refsource_AIXAPAR

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T22:15:23.548Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21981692"
          },
          {
            "name": "91751",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/91751"
          },
          {
            "name": "IT12006",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT12006"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-07-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM Personal Communications (aka PCOMM) 6.x before 6.0.17 and 12.x before 12.0.0.1 does not properly restrict credential extraction, which allows local users to discover passwords by leveraging access to the victim account and executing a PowerShell script."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-11-25T19:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21981692"
        },
        {
          "name": "91751",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/91751"
        },
        {
          "name": "IT12006",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT12006"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2016-0321",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM Personal Communications (aka PCOMM) 6.x before 6.0.17 and 12.x before 12.0.0.1 does not properly restrict credential extraction, which allows local users to discover passwords by leveraging access to the victim account and executing a PowerShell script."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21981692",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21981692"
            },
            {
              "name": "91751",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/91751"
            },
            {
              "name": "IT12006",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IT12006"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2016-0321",
    "datePublished": "2016-07-17T22:00:00",
    "dateReserved": "2015-12-08T00:00:00",
    "dateUpdated": "2024-08-05T22:15:23.548Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2016-04113

CVE-2016-0321 (GCVE-0-2016-0321)

Tags

Sightings

Nomenclature