7.5

CVE-2026-8636

Multiple Vulnerabilities in IBM Datacap

IBM Datacap 9.1.7, 9.1.8, and 9.1.9 and IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 allows an attacker to retrieve user passwords and cryptographic keys from memory. Attacker can use the same keys to decrypt password, gain access to the application and access sensitive data in the database.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IbmDatacap Version9.1.7
IbmDatacap Version9.1.8
IbmDatacap Version9.1.9
IbmDatacap Navigator Version9.1.7
IbmDatacap Navigator Version9.1.8
IbmDatacap Navigator Version9.1.9
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.15% 0.043
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
psirt@us.ibm.com 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CWE-316 Cleartext Storage of Sensitive Information in Memory

The product stores sensitive information in cleartext in memory.

https://www.ibm.com/support/pages/node/7276609
Vendor Advisory