CVE-2016-0202

LOW

IBM Cloud Orchestrator - Info Disclosure

Title source: llm
STIX 2.1

Description

A vulnerability has been identified in tasks, backend object generated for handling any action performed by the application in IBM Cloud Orchestrator. It is possible for an authenticated user to view any task of the current users domain.

References (2)

Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/94578
Patch, Vendor Advisory x_refsource_confirm
http://www.ibm.com/support/docview.wss?uid=swg2C1000134

Scores

CVSS v3 3.3
EPSS 0.0006
EPSS Percentile 17.4%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Details

CWE
CWE-200
Status published
Products (17)
ibm/cloud_orchestrator 2.3
ibm/cloud_orchestrator 2.3.0.1
ibm/cloud_orchestrator 2.4
ibm/cloud_orchestrator 2.4.0.1
ibm/cloud_orchestrator 2.4.0.2
ibm/cloud_orchestrator 2.4.0.3
IBM Corporation/Cloud Orchestrator 2.2
IBM Corporation/Cloud Orchestrator 2.2.0.1
IBM Corporation/Cloud Orchestrator 2.3
IBM Corporation/Cloud Orchestrator 2.3.0.1
... and 7 more
Published Feb 08, 2017
Tracked Since Feb 18, 2026