234 matches found
CVE-2024-39732
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 temporarily stores data from different environments that could be obtained by a malicious user. IBM X-Force ID: 295791...
CVE-2024-39732
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 temporarily stores data from different environments that could be obtained by a malicious user. IBM X-Force ID: 295791...
CVE-2024-39733
IBM Datacap Navigator 9.1.5–9.1.9 stores user credentials in plaintext, allowing local read access and exposing confidentiality. The issue is confirmed across multiple sources (NVD, Red Hat, CNVD/CVE listings). Impact is confidentiality loss (C:H) with LOCAL access and LOW/no user interaction req...
CVE-2024-39733 IBM Datacap Navigator information disclosure
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 295972...
CVE-2024-39733 IBM Datacap Navigator information disclosure
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 295972...
CVE-2024-39732 IBM Datacap Navigator information disclosure
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 temporarily stores data from different environments that could be obtained by a malicious user. IBM X-Force ID: 295791...
CVE-2024-39732 IBM Datacap Navigator information disclosure
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 temporarily stores data from different environments that could be obtained by a malicious user. IBM X-Force ID: 295791...
CVE-2024-39732
CVE-2024-39732 affects IBM Datacap Navigator 9.1.5–9.1.9. The issue is information disclosure due to data stored temporarily from different environments that could be obtained by a malicious user. Affected versions: 9.1.5, 9.1.6, 9.1.7, 9.1.8, 9.1.9. The connected documents describe the root caus...
CVE-2024-39734 IBM Datacap Navigator information disclosure
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent...
CVE-2024-39734
IBM Datacap Navigator (Datacap Navigator 9.1.5–9.1.9) does not set the secure attribute on authorization tokens or session cookies, enabling potential cookie disclosure when users click http:// links or visit pages with such links. The cited entry from IBM states the impact as cookie values being...
CVE-2024-39734 IBM Datacap Navigator information disclosure
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent...
PT-2024-5324 · Ibm · Ibm Datacap Navigator
Name of the Vulnerable Software and Affected Versions: IBM Datacap Navigator versions 9.1.5 through 9.1.9 Description: The issue is related to the storage of critical information in plain clear text, which can be accessed by a local user. This could allow an attacker to gain unauthorized access t...
PT-2024-5033 · Ibm · Ibm Datacap Navigator
Name of the Vulnerable Software and Affected Versions: IBM Datacap Navigator versions 9.1.5 through 9.1.9 Description: The issue is related to the temporary storage of data from different environments in an unencrypted manner, which could be obtained by a malicious user. This could allow an...
PT-2024-5095 · Ibm · Ibm Datacap Navigator
Name of the Vulnerable Software and Affected Versions: IBM Datacap Navigator versions 9.1.5 through 9.1.9 Description: The issue is related to insufficient protection of service data in the source code, allowing an authenticated user to obtain sensitive information that could be used in further...
PT-2024-4960 · Ibm · Ibm Datacap Navigator
Name of the Vulnerable Software and Affected Versions: IBM Datacap Navigator versions 9.1.5 through 9.1.9 Description: The issue exists due to insufficient protection of the web page structure, allowing for stored cross-site scripting attacks. This enables users to embed arbitrary JavaScript code...
PT-2024-5093 · Ibm · Ibm Datacap Navigator
Name of the Vulnerable Software and Affected Versions: IBM Datacap Navigator versions 9.1.5 through 9.1.9 Description: The issue is related to the error reporting mechanism in IBM Datacap Navigator, which could allow a remote attacker to obtain sensitive information when a detailed technical erro...
PT-2024-4961 · Ibm · Ibm Datacap Navigator
Name of the Vulnerable Software and Affected Versions: IBM Datacap Navigator versions 9.1.5 through 9.1.9 Description: The issue is related to the disclosure of system data to unauthorized individuals. It can be exploited by a remote attacker who sends specially crafted HTTP requests to reveal...
PT-2024-4958 · Ibm · Ibm Datacap Navigator
Name of the Vulnerable Software and Affected Versions: IBM Datacap Navigator versions 9.1.5 through 9.1.9 Description: The issue is related to improper validation of input by the HOST headers in HTTP requests, which could allow a remote attacker to conduct various attacks, including cross-site...
Security Bulletin: Multiple Vulnerabilities in IBM Datacap
Summary Multiple vulnerabilities were addressed in IBM Datacap version 9.1.9 Interim Fix 004 Vulnerability Details CVEID:CVE-2023-26965 DESCRIPTION: LibTIFF is vulnerable to a denial of service, caused by a heap-based buffer overflow in the loadImage function in /libtiff/tools/tiffcrop.c. By...
Security Bulletin: IBM® Db2® is vulnerable to denial of service with a specially crafted query (CVE-2023-47158)
Summary If you use IBM® Db2® as your database in your IBM Datacap deployment, please follow the Db2 security bulletin referred in the Title to remedy the vulnerability. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions...