CVE Radar Logo
CVERadar
CVE Radar Logo
CVERadar

CVE-2024-39729

High Severity
Ibm
SVRS
45/100
CVSSv3
4.3/10
EPSS
0.00021/1

CVE-2024-39729 affects IBM Datacap Navigator, potentially exposing sensitive source code information to authenticated users. This vulnerability could enable attackers to gather information for further system attacks. IBM Datacap Navigator versions 9.1.5 through 9.1.9 are affected. While the CVSS score is 4.3, indicating a medium severity, the SOCRadar Vulnerability Risk Score (SVRS) is 45, suggesting a moderate level of risk, though not critical. The vulnerability allows authenticated users to potentially view source code, leading to information disclosure. The IBM X-Force ID for this issue is 295968. Although not deemed critical based on SVRS, organizations using the affected versions should investigate and apply any available patches or mitigations promptly to prevent potential exploitation and secure their data.

TAGS
In The Wild
VECTOR STRING
CVSS:3.1
AV:N
AC:L
PR:L
UI:N
S:U
C:L
I:N
A:N
PUBLICATION DATE2024-07-15
LAST MODIFIED2024-07-16

Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE

Enhance Your CVE Management with SOCRadar Vulnerability Intelligence
Get comprehensive CVE details, real-time notifications, and proactive threat management all in one platform.
CREATE FREE ACCOUNT
CVE Details
Access comprehensive CVE information instantly
Real-time Tracking
Subscribe to CVEs and get instant updates
Exploit Analysis
Monitor related APT groups and threats
IOC Tracking
Analyze and track CVE-related IOCs

News

CVE-2024-39729 | IBM Datacap Navigator 9.1.5/9.1.6/9.1.7/9.1.8/9.1.9 sensitive information in source (XFDB-295968)
vuldb.com2024-07-15
CVE-2024-39729 | IBM Datacap Navigator 9.1.5/9.1.6/9.1.7/9.1.8/9.1.9 sensitive information in source (XFDB-295968) | A vulnerability was found in IBM Datacap Navigator 9.1.5/9.1.6/9.1.7/9.1.8/9.1.9. It has been classified as problematic. Affected is an unknown function. The manipulation leads to inclusion of sensitive information in source code. This vulnerability is traded as CVE-2024-39729. It is possible to launch the attack remotely. There is no exploit available. It is recommended
cve-2024-39729
domains
urls
cves

Social Media

CVE-2024-39729 IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 could allow an authenticated user to obtain sensitive information from source code that could be used in f… https://t.co/hedIVRFyVz
0
0
0

Affected Software

Configuration 1
TypeVendorProduct
AppIbmdatacap
AppIbmdatacap_navigator

References

ReferenceLink
[email protected]https://exchange.xforce.ibmcloud.com/vulnerabilities/295968
[email protected]https://www.ibm.com/support/pages/node/7160185

CWE Details

CWE IDCWE NameDescription
CWE-540Inclusion of Sensitive Information in Source CodeSource code on a web server or repository often contains sensitive information and should generally not be accessible to users.

CVE Radar

Real-time CVE Intelligence & Vulnerability Management Platform

CVE Radar provides comprehensive vulnerability intelligence by monitoring CVE databases, security advisories, and threat feeds. Get instant updates on new vulnerabilities, exploit details, and mitigation strategies specific to your assets.

Get Free Vulnerability Intelligence AccessAccess real-time CVE monitoring, exploit analysis, and threat intelligence