Ibm: >> Cloud Orchestrator >> 2.3.0.1 Security Vulnerabilities
A vulnerability has been identified in IBM Cloud Orchestrator 2.3, 2.3.0.1, 2.4, and 2.4.0.1 that could allow an attacker after authentication to enumerate valid users of the system. IBM X-Force ID: 109394.
CVSS Score
3.3
EPSS Score
0.001
Published
2018-08-30
A vulnerability has been identified in tasks, backend object generated for handling any action performed by the application in IBM Cloud Orchestrator. It is possible for an authenticated user to view any task of the current users domain.
CVSS Score
3.3
EPSS Score
0.001
Published
2017-02-08
IBM Cloud Orchestrator could allow a local authenticated attacker to cause the server to slow down for a short period of time by using a specially crafted and malformed URL.
CVSS Score
3.3
EPSS Score
0.002
Published
2017-02-08