5.3
CVE-2026-9610
- EPSS 0.19%
- Veröffentlicht 22.06.2026 14:22:34
- Zuletzt bearbeitet 26.06.2026 21:19:13
- Quelle psirt@us.ibm.com
- CVE-Watchlists
- Unerledigt
Multiple Vulnerabilities in IBM Datacap
IBM Datacap 9.1.7, 9.1.8, and 9.1.9 and IBM Datacap Navigator 9.1.7, 9.1.8, and 9.1.9 exposes resources or functionality that isn't linked in the UI but is accessible by directly requesting the URL, bypassing intended access controls.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Datacap Navigator Version9.1.7
Ibm ≫ Datacap Navigator Version9.1.8
Ibm ≫ Datacap Navigator Version9.1.9
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.19% | 0.087 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.3 | 3.9 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
|
| psirt@us.ibm.com | 2.3 | 0.8 | 1.4 |
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
|
CWE-425 Direct Request ('Forced Browsing')
The web application does not adequately enforce appropriate authorization on all restricted URLs, scripts, or files.
https://www.ibm.com/support/pages/node/7276609