7.5
CVE-2026-8636
- EPSS 0.15%
- Veröffentlicht 22.06.2026 14:16:01
- Zuletzt bearbeitet 26.06.2026 21:20:52
- Quelle psirt@us.ibm.com
- CVE-Watchlists
- Unerledigt
Multiple Vulnerabilities in IBM Datacap
IBM Datacap 9.1.7, 9.1.8, and 9.1.9 and IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 allows an attacker to retrieve user passwords and cryptographic keys from memory. Attacker can use the same keys to decrypt password, gain access to the application and access sensitive data in the database.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Datacap Navigator Version9.1.7
Ibm ≫ Datacap Navigator Version9.1.8
Ibm ≫ Datacap Navigator Version9.1.9
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.15% | 0.043 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| psirt@us.ibm.com | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
|
CWE-316 Cleartext Storage of Sensitive Information in Memory
The product stores sensitive information in cleartext in memory.
https://www.ibm.com/support/pages/node/7276609