SQL Injection Vulnerability in IBM Datacap Taskmaster Capture
CVE-2020-4902

6.3MEDIUM

Key Information:

Vendor
IBM
Vendor
CVE Published:
1 July 2021

Summary

IBM Datacap Taskmaster Capture version 9.1.7 is susceptible to SQL injection, allowing remote attackers to exploit the vulnerability. This occurs through the submission of specially crafted SQL queries, enabling unauthorized access to read, modify, or delete sensitive information from the system's back-end database. It is crucial for users of IBM Datacap to apply necessary security measures to protect against potential data breaches.

Affected Version(s)

Datacap Navigator 9.1.7

References

CVSS V3.1

Score:
6.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.