Denial of Service Vulnerability in IBM Cloud Orchestrator
CVE-2016-0206

3.3LOW

Key Information:

Vendor: IBM Corporation
Status: Cloud Orchestrator
Vendor: CVE Published:; 8 February 2017

🔔 Create IBM Corporation Vulnerability Alert

What is CVE-2016-0206?

IBM Cloud Orchestrator contains a vulnerability that allows a local authenticated attacker to exploit the system through the use of specially crafted malformed URLs. This could lead to a temporary degradation in server performance, causing service slowdowns for users. Administrators should ensure that their systems are updated and monitored to mitigate potential exploitation of this flaw.

Affected Version(s)

Cloud Orchestrator 2.2

Cloud Orchestrator 2.2.0.1

Cloud Orchestrator 2.3

References

http://www.ibm.com/support/docview.wss?uid=swg2C1000141

x_refsource_CONFIRM

http://www.securityfocus.com/bid/94656

vdb-entryx_refsource_BID

CVSS V3.1

Score:

3.3

Severity:

LOW

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 8, 2017
Vulnerability Reserved
Dec 8, 2015