CVE-2018-1773Improper Authentication in IBM Datacap

CWE-287Improper Authentication3 documents3 sources
Severity
4.3MEDIUMNVD
EPSS
0.2%
top 63.03%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Datacap
Timeline
PublishedSep 12
Latest updateMay 13

Description

IBM Datacap Fastdoc Capture 9.1.1, 9.1.3, and 9.1.4 could allow an authenticated user to bypass future authentication mechanisms once the initial login is completed. IBM X-Force ID: 148691.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages2 packages

CVEListV5ibm/datacap9.1.1, 9.1.3, 9.1.4+2
NVDibm/datacap9.1.1, 9.1.3, 9.1.4+2

Patches

Patch: www.ibm.comPatch: www.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-g4hp-fw6r-gm2q: IBM Datacap Fastdoc Capture 92022-05-13
CVEList
CVE-2018-1773: IBM Datacap Fastdoc Capture 92018-09-12
CVE-2018-1773 — Improper Authentication in IBM Datacap | cvebase