Local Information Disclosure Vulnerability in IBM Cloud Orchestrator
CVE-2019-4395
4MEDIUM
Summary
Certain versions of IBM Cloud Orchestrator are affected by a local information disclosure vulnerability that allows local users to access sensitive information from temporary script files. This could lead to unauthorized data exposure, potentially compromising user security and confidentiality.
Affected Version(s)
Cloud Orchestrator 2.4
Cloud Orchestrator 2.4.0.1
Cloud Orchestrator 2.4.0.2
References
CVSS V3.1
Score:
4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved