CVSS: 4.3EPSS: 0%CPEs: -EXPL: 0CVE-2024-39740 – IBM Datacap Navigator information disclosure
https://notcve.org/view.php?id=CVE-2024-39740
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 displays version information in HTTP requests that could allow an attacker to gather information for future attacks against the system. IBM X-Force ID: 296009. IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8 y 9.1.9 muestra información de versión en solicitudes HTTP que podrían permitir a un atacante recopilar información para futuros ataques contra el sistema. ID de IBM X-Force: 296009. • https://exchange.xforce.ibmcloud.com/vulnerabilities/296009 https://www.ibm.com/support/pages/node/7160185 • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •
CVSS: 4.3EPSS: 0%CPEs: -EXPL: 0CVE-2024-39729 – IBM Datacap Navigator information disclosure
https://notcve.org/view.php?id=CVE-2024-39729
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 could allow an authenticated user to obtain sensitive information from source code that could be used in further attacks against the system. IBM X-Force ID: 295968. IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8 y 9.1.9 podría permitir a un usuario autenticado obtener información confidencial del código fuente que podría usarse en futuros ataques contra el sistema. ID de IBM X-Force: 295968. • https://exchange.xforce.ibmcloud.com/vulnerabilities/295968 https://www.ibm.com/support/pages/node/7160185 • CWE-540: Inclusion of Sensitive Information in Source Code •
CVSS: 5.9EPSS: 0%CPEs: -EXPL: 0CVE-2024-39731 – IBM Datacap Navigator information disclosure
https://notcve.org/view.php?id=CVE-2024-39731
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 295970. IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8 y 9.1.9 utiliza algoritmos criptográficos más débiles de lo esperado que podrían permitir a un atacante descifrar información altamente confidencial. ID de IBM X-Force: 295970. • https://exchange.xforce.ibmcloud.com/vulnerabilities/295970 https://www.ibm.com/support/pages/node/7160185 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 5.4EPSS: 0%CPEs: -EXPL: 0CVE-2024-39737 – IBM Datacap Navigator information disclosure
https://notcve.org/view.php?id=CVE-2024-39737
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 296004. IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8 y 9.1.9 podría permitir a un atacante remoto obtener información confidencial cuando se devuelve un mensaje de error técnico detallado en el navegador. Esta información podría usarse en futuros ataques contra el sistema. • https://exchange.xforce.ibmcloud.com/vulnerabilities/296004 https://www.ibm.com/support/pages/node/7160185 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 6.2EPSS: 0%CPEs: -EXPL: 0CVE-2024-39733 – IBM Datacap Navigator information disclosure
https://notcve.org/view.php?id=CVE-2024-39733
IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 295972. IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8 y 9.1.9 almacena las credenciales de usuario en texto plano que puede ser leído por un usuario local. ID de IBM X-Force: 295972. • https://exchange.xforce.ibmcloud.com/vulnerabilities/295972 https://www.ibm.com/support/pages/node/7160185 • CWE-256: Plaintext Storage of a Password •