CVE-2024-39740

Name of the Vulnerable Software and Affected Versions: IBM Datacap Navigator versions 9.1.5 through 9.1.9

Description: The issue is related to the disclosure of system data to unauthorized individuals. It can be exploited by a remote attacker who sends specially crafted HTTP requests to reveal protected information. The vulnerability allows an attacker to gather information for future attacks against the system by displaying version information in HTTP requests.

Recommendations: For versions 9.1.5 through 9.1.9, consider restricting access to the system to minimize the risk of exploitation until a patch is available. As a temporary workaround, avoid using the version information in HTTP requests. At the moment, there is no information about a newer version that contains a fix for this vulnerability.