VAR-201809-0198
Vulnerability from variot - Updated: 2023-12-18 14:05IBM Datacap Fastdoc Capture 9.1.1, 9.1.3, and 9.1.4 could allow an authenticated user to bypass future authentication mechanisms once the initial login is completed. IBM X-Force ID: 148691. IBM Datacap Fastdoc Capture Contains an authentication vulnerability. Vendors have confirmed this vulnerability IBM X-Force ID: 148691 It is released as.Information may be tampered with. An attacker can exploit this issue to bypass authentication mechanism and perform unauthorized actions. This may lead to further attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201809-0198",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "datacap",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "9.1.1"
},
{
"model": "datacap",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "9.1.3"
},
{
"model": "datacap",
"scope": "eq",
"trust": 1.6,
"vendor": "ibm",
"version": "9.1.4"
},
{
"model": "datacap",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "fastdoc capture 9.1.1"
},
{
"model": "datacap",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "fastdoc capture 9.1.3"
},
{
"model": "datacap",
"scope": "eq",
"trust": 0.8,
"vendor": "ibm",
"version": "fastdoc capture 9.1.4"
},
{
"model": "datacap taskmaster capture",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.4"
},
{
"model": "datacap taskmaster capture",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.3"
},
{
"model": "datacap taskmaster capture",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"model": "datacap navigator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.4"
},
{
"model": "datacap navigator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.3"
},
{
"model": "datacap navigator",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"model": "datacap fastdoc capture",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.4"
},
{
"model": "datacap fastdoc capture",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.3"
},
{
"model": "datacap fastdoc capture",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.1"
},
{
"model": "datacap taskmaster capture interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.41"
},
{
"model": "datacap taskmaster capture interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.36"
},
{
"model": "datacap taskmaster capture hotfix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.11"
},
{
"model": "datacap navigator interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.41"
},
{
"model": "datacap navigator interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.36"
},
{
"model": "datacap navigator hotfix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.11"
},
{
"model": "datacap fastdoc capture interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.41"
},
{
"model": "datacap fastdoc capture interim fix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.36"
},
{
"model": "datacap fastdoc capture hotfix",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.1.11"
}
],
"sources": [
{
"db": "BID",
"id": "105340"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009682"
},
{
"db": "NVD",
"id": "CVE-2018-1773"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-634"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:ibm:datacap:9.1.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ibm:datacap:9.1.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ibm:datacap:9.1.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-1773"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "105340"
}
],
"trust": 0.3
},
"cve": "CVE-2018-1773",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2018-1773",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 2.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2018-1773",
"impactScore": null,
"integrityImpact": "Low",
"privilegesRequired": "Low",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-1773",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "psirt@us.ibm.com",
"id": "CVE-2018-1773",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201809-634",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-009682"
},
{
"db": "NVD",
"id": "CVE-2018-1773"
},
{
"db": "NVD",
"id": "CVE-2018-1773"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-634"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM Datacap Fastdoc Capture 9.1.1, 9.1.3, and 9.1.4 could allow an authenticated user to bypass future authentication mechanisms once the initial login is completed. IBM X-Force ID: 148691. IBM Datacap Fastdoc Capture Contains an authentication vulnerability. Vendors have confirmed this vulnerability IBM X-Force ID: 148691 It is released as.Information may be tampered with. \nAn attacker can exploit this issue to bypass authentication mechanism and perform unauthorized actions. This may lead to further attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-1773"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009682"
},
{
"db": "BID",
"id": "105340"
}
],
"trust": 1.89
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-1773",
"trust": 2.7
},
{
"db": "BID",
"id": "105340",
"trust": 1.9
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009682",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201809-634",
"trust": 0.6
}
],
"sources": [
{
"db": "BID",
"id": "105340"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009682"
},
{
"db": "NVD",
"id": "CVE-2018-1773"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-634"
}
]
},
"id": "VAR-201809-0198",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.3152174
},
"last_update_date": "2023-12-18T14:05:20.297000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "0729013",
"trust": 0.8,
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10729013"
},
{
"title": "ibm-datacap-cve20181773-sec-bypass (148691)",
"trust": 0.8,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/148691"
},
{
"title": "IBM Datacap Fastdoc Capture Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=84887"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-009682"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-634"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-009682"
},
{
"db": "NVD",
"id": "CVE-2018-1773"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/105340"
},
{
"trust": 1.6,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/148691"
},
{
"trust": 1.6,
"url": "https://www.ibm.com/support/docview.wss?uid=ibm10729013"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-1773"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-1773"
},
{
"trust": 0.3,
"url": "http://www.ibm.com"
},
{
"trust": 0.3,
"url": "https://www-01.ibm.com/support/docview.wss?uid=ibm10729013"
}
],
"sources": [
{
"db": "BID",
"id": "105340"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009682"
},
{
"db": "NVD",
"id": "CVE-2018-1773"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-634"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "BID",
"id": "105340"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-009682"
},
{
"db": "NVD",
"id": "CVE-2018-1773"
},
{
"db": "CNNVD",
"id": "CNNVD-201809-634"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-09-10T00:00:00",
"db": "BID",
"id": "105340"
},
{
"date": "2018-11-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-009682"
},
{
"date": "2018-09-12T14:29:01.140000",
"db": "NVD",
"id": "CVE-2018-1773"
},
{
"date": "2018-09-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201809-634"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-09-10T00:00:00",
"db": "BID",
"id": "105340"
},
{
"date": "2018-11-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-009682"
},
{
"date": "2019-10-09T23:39:03.493000",
"db": "NVD",
"id": "CVE-2018-1773"
},
{
"date": "2019-10-17T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201809-634"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201809-634"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "IBM Datacap Fastdoc Capture Authentication vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-009682"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "authorization issue",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201809-634"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…