SQL Injection Vulnerability in IBM Datacap Taskmaster Capture
CVE-2020-4902
6.3MEDIUM
Summary
IBM Datacap Taskmaster Capture version 9.1.7 is susceptible to SQL injection, allowing remote attackers to exploit the vulnerability. This occurs through the submission of specially crafted SQL queries, enabling unauthorized access to read, modify, or delete sensitive information from the system's back-end database. It is crucial for users of IBM Datacap to apply necessary security measures to protect against potential data breaches.
Affected Version(s)
Datacap Navigator 9.1.7
References
CVSS V3.1
Score:
6.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved