CVE-2016-0206

3.3LOW

Key Information:

Vendor: IBM Corporation
Status: Cloud Orchestrator
Vendor: CVE Published:; 8 February 2017

Summary

IBM Cloud Orchestrator could allow a local authenticated attacker to cause the server to slow down for a short period of time by using a specially crafted and malformed URL.

Affected Version(s)

Cloud Orchestrator 2.2

Cloud Orchestrator 2.2.0.1

Cloud Orchestrator 2.3

References

http://www.ibm.com/support/docview.wss?uid=swg2C1000141

x_refsource_CONFIRM

http://www.securityfocus.com/bid/94656

vdb-entryx_refsource_BID

CVSS V3.1

Score:

3.3

Severity:

LOW

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 8, 2017
Vulnerability Reserved
Dec 8, 2015