CVE-2016-0205

3.3LOW

Key Information:

Vendor: IBM
Status: Cloud Orchestrator
Vendor: CVE Published:; 30 August 2018

Summary

A vulnerability has been identified in IBM Cloud Orchestrator 2.3, 2.3.0.1, 2.4, and 2.4.0.1 that could allow an attacker after authentication to enumerate valid users of the system. IBM X-Force ID: 109394.

Affected Version(s)

Cloud Orchestrator 2.3

Cloud Orchestrator 2.4

Cloud Orchestrator 2.3.0.1

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/109394

vdb-entryx_refsource_XF

https://www-01.ibm.com/support/docview.wss?uid=swg2C4000049

x_refsource_CONFIRM

CVSS V3.1

Score:

3.3

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 30, 2018
Vulnerability Reserved
Dec 8, 2015