IBM Datacap Navigator Weaker Cryptographic Algorithms Vulnerability
CVE-2024-39731

7.5HIGH

Key Information:

Vendor: IBM
Status: Datacap
Vendor: CVE Published:; 15 July 2024

Summary

IBM Datacap Navigator versions 9.1.5 through 9.1.9 are affected by vulnerabilities due to the utilization of weaker than expected cryptographic algorithms. This security issue poses significant risks, as it may allow unauthorized attackers to decrypt sensitive data. Organizations using these versions must be aware of the potential exposure of highly confidential information and take the necessary steps to mitigate these risks. The security flaw has been identified and cataloged under IBM X-Force ID: 295970. Recommendations for improved cryptographic practices and an upgrade path to secure versions are advisable.

References

https://www.ibm.com/support/pages/node/7160185

https://exchange.xforce.ibmcloud.com/vulnerabilities/295970

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 15, 2024