Vulnerabilities > IBM > Datacap > Medium

DATE CVE VULNERABILITY TITLE RISK
2024-07-15 CVE-2024-39729 Unspecified vulnerability in IBM Datacap and Datacap Navigator
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 could allow an authenticated user to obtain sensitive information from source code that could be used in further attacks against the system.
network
low complexity
ibm
4.3
2024-07-15 CVE-2024-39735 Cross-site Scripting vulnerability in IBM Datacap and Datacap Navigator
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
2024-07-15 CVE-2024-39740 Unspecified vulnerability in IBM Datacap and Datacap Navigator
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 displays version information in HTTP requests that could allow an attacker to gather information for future attacks against the system.
network
low complexity
ibm
5.3
2024-07-15 CVE-2024-39741 Unspecified vulnerability in IBM Datacap and Datacap Navigator
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to traverse directories on the system.
network
low complexity
ibm
5.3
2024-07-15 CVE-2024-39728 Unspecified vulnerability in IBM Datacap and Datacap Navigator
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to stored cross-site scripting.
network
low complexity
ibm
5.4
2024-07-15 CVE-2024-39737 Unspecified vulnerability in IBM Datacap and Datacap Navigator
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser.
network
low complexity
ibm
5.3
2024-07-15 CVE-2024-39739 Unspecified vulnerability in IBM Datacap and Datacap Navigator
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to server-side request forgery (SSRF).
network
low complexity
ibm
4.3
2024-07-14 CVE-2024-39734 Reliance on Cookies without Validation and Integrity Checking vulnerability in IBM Datacap
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 does not set the secure attribute on authorization tokens or session cookies.
network
low complexity
ibm CWE-565
4.3
2018-09-12 CVE-2018-1773 Improper Authentication vulnerability in IBM Datacap 9.1.1/9.1.3/9.1.4
IBM Datacap Fastdoc Capture 9.1.1, 9.1.3, and 9.1.4 could allow an authenticated user to bypass future authentication mechanisms once the initial login is completed.
network
low complexity
ibm CWE-287
4.3