CVE-2024-39730 IBM Datacap clickjacking

IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attack...

CVE-2024-39730 IBM Datacap clickjacking

IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attack...

CVE-2024-39730

The CVE-2024-39730 issue affects IBM Datacap Navigator 9.1.7–9.1.9 and allows a remote attacker to hijack a victim’s click actions by luring them to a malicious site. The Red Hat bulletin and IBM/IBM X-Force references cite a CWE-451 UI misrepresentation root cause, with a CVSSv3.1 base score of ...

IBM Datacap 安全漏洞

IBM Datacap is a document capture and processing software from International Business Machines IBM that captures data from various sources e.g., scanner, email, fax, etc. in paper or electronic documents and converts them into editable and searchable digital formats, which are widely used in...

IBM Datacap 安全漏洞

IBM Datacap is a document capture and processing software from International Business Machines IBM that captures data from various sources e.g., scanner, email, fax, etc. in paper or electronic documents and converts them into editable and searchable digital formats, which are widely used in...

IBM Datacap Navigator 安全漏洞

IBM Datacap Navigator is a Web client for Datacap from International Business Machines IBM. A security vulnerability exists in IBM Datacap Navigator versions 9.1.7, 9.1.8, and 9.1.9, which originates from a remote attacker who may hijack a victim's click-to-operate...

PT-2025-27283 · Ibm · Ibm Datacap

Name of the Vulnerable Software and Affected Versions: IBM Datacap versions 9.1.7 through 9.1.9 Description: The issue could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this issue to...

PT-2025-27280 · Ibm · Ibm Datacap Navigator

Name of the Vulnerable Software and Affected Versions: IBM Datacap Navigator versions 9.1.7 through 9.1.9 Description: The issue allows a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this...

PT-2025-27282 · Ibm · Ibm Datacap

Name of the Vulnerable Software and Affected Versions: IBM Datacap versions 9.1.7 through 9.1.9 Description: The issue is related to the improper handling of authorization tokens and session cookies, as the software does not set the secure attribute on these cookies or tokens. Attackers may be ab...

CVE-2024-39731

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 295970...

CVE-2024-39739

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 296008...

CVE-2024-39732

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 temporarily stores data from different environments that could be obtained by a malicious user. IBM X-Force ID: 295791...

CVE-2024-39741

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to view arbitrary files on the system. IBM X-Force ID: 296010...

Security Bulletin: Multiple Vulnerabilities in IBM Datacap

Summary Multiple vulnerabilities were addressed in IBM Datacap version 9.1.9 Interim Fix 005 Vulnerability Details CVEID:CVE-2024-39734 DESCRIPTION: IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 does not set the secure attribute on authorization tokens or session cookies. Attackers...

Security Bulletin: Multiple IBM® Db2® security vulnerability fixes

Summary If you use IBM® Db2® as your database in your IBM Datacap deployment, please follow the Db2 security bulletins referred here to remedy the vulnerabilities. IBM® Db2® is vulnerable to denial of service under specific conditions CVE-2024-45663, CVE-2024-41761, CVE-2024-41762, CVE-2024-37071...

Security Bulletin: IBM® Db2® is vulnerable to denial of service with a specially crafted query (CVE-2024-37529)

Summary If you use IBM® Db2® as your database in your IBM Datacap deployment, please follow the Db2 security bulletin referred in the Title to remedy the vulnerability. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Db2 (October 2023 CPU)

Summary If you use IBM® Db2® as your database in your IBM Datacap deployment, please follow the Db2 security bulletin referred here to remedy the vulnerabilities. Vulnerability Details CVEID:CVE-2023-22081 DESCRIPTION: An unspecified vulnerability in Java SE related to the JSSE component could...

The vulnerability in the web client of IBM Datacap Navigator software for document collection and processing involves the absence of a “Secure” flag in session cookies. This allows an attacker to gain unauthorized access to protected information.

The vulnerability of the IBM Datacap Navigator web client software for document collection and processing lies in the absence of a “Secure” flag in the session cookies. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information by intercepting the...

The vulnerability in the web-based client of IBM Datacap Navigator software for document collection and processing involves the unencrypted storage of critical information, allowing an intruder to gain unauthorized access to protected data.

The vulnerability of the IBM Datacap Navigator web client software for document collection and processing involves the unencrypted storage of critical information. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected data...

The vulnerability in the web-based client of IBM Datacap Navigator software for document collection and processing involves security flaws in the source code of IBM Datacap, allowing attackers to gain unauthorized access to protected information.

The vulnerability of the IBM Datacap Navigator web client software for document collection and processing involves deficiencies in the security protection of operational data in the source code. Exploiting this vulnerability could allow an attacker operating remotely to gain unauthorized access t...