Information Disclosure Vulnerability in IBM Cloud Orchestrator
CVE-2016-0205
3.3LOW
Summary
An information disclosure vulnerability exists in IBM Cloud Orchestrator versions 2.3, 2.3.0.1, 2.4, and 2.4.0.1. This issue allows an authenticated attacker to enumerate valid users, potentially exposing sensitive information and compounding security risks within the system. Detailed information about this vulnerability can be found through IBM's security advisories.
Affected Version(s)
Cloud Orchestrator 2.3
Cloud Orchestrator 2.4
Cloud Orchestrator 2.3.0.1
References
CVSS V3.1
Score:
3.3
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved