Lucene search

IbmCVE-2024-39737

HistoryJul 15, 2024 - 2:15 a.m.

CVE-2024-39737

2024-07-1502:15:06

CWE-209

ibm

web.nvd.nist.gov

ibm datacap navigator

remote attacker

sensitive information

CVSS3

5.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

AI Score

5.1

Confidence

High

EPSS

Percentile

13.5%

JSON

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 296004.

Affected configurations

Nvd

Vulners

Node

ibmdatacapMatch9.1.5

ibmdatacapMatch9.1.6

ibmdatacapMatch9.1.7

ibmdatacapMatch9.1.8

ibmdatacapMatch9.1.9

ibmdatacap_navigator

VendorProductVersionCPE
ibmdatacap9.1.5cpe:2.3:a:ibm:datacap:9.1.5:*:*:*:*:*:*:*
ibmdatacap9.1.6cpe:2.3:a:ibm:datacap:9.1.6:*:*:*:*:*:*:*
ibmdatacap9.1.7cpe:2.3:a:ibm:datacap:9.1.7:*:*:*:*:*:*:*
ibmdatacap9.1.8cpe:2.3:a:ibm:datacap:9.1.8:*:*:*:*:*:*:*
ibmdatacap9.1.9cpe:2.3:a:ibm:datacap:9.1.9:*:*:*:*:*:*:*
ibmdatacap_navigator*cpe:2.3:a:ibm:datacap_navigator:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	datacap	9.1.5	cpe:2.3:a:ibm:datacap:9.1.5:::::::*
ibm	datacap	9.1.6	cpe:2.3:a:ibm:datacap:9.1.6:::::::*
ibm	datacap	9.1.7	cpe:2.3:a:ibm:datacap:9.1.7:::::::*
ibm	datacap	9.1.8	cpe:2.3:a:ibm:datacap:9.1.8:::::::*
ibm	datacap	9.1.9	cpe:2.3:a:ibm:datacap:9.1.9:::::::*
ibm	datacap_navigator	*	cpe:2.3:a:ibm:datacap_navigator::::::::

CNA Affected

[
  {
    "cpes": [
      "cpe:2.3:a:ibm:datacap:9.1.5:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:datacap:9.1.6:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:datacap:9.1.7:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:datacap:9.1.8:*:*:*:*:*:*:*",
      "cpe:2.3:a:ibm:datacap:9.1.9:*:*:*:*:*:*:*"
    ],
    "defaultStatus": "unaffected",
    "product": "Datacap Navigator",
    "vendor": "IBM",
    "versions": [
      {
        "status": "affected",
        "version": "9.1.5, 9.1.6, 9.1.7, 9.1.8, 9.1.9"
      }
    ]
  }
]

References

exchange.xforce.ibmcloud.com/vulnerabilities/296004

www.ibm.com/support/pages/node/7160185

CVSS3

5.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

AI Score

5.1

Confidence

High

EPSS

Percentile

13.5%

JSON

Related for CVE-2024-39737