Vulnerability Name: | CVE-2016-0202 (CCN-109390) | ||||||||||||
Assigned: | 2015-12-08 | ||||||||||||
Published: | 2016-11-21 | ||||||||||||
Updated: | 2017-02-15 | ||||||||||||
Summary: | A vulnerability has been identified in tasks, backend object generated for handling any action performed by the application in IBM Cloud Orchestrator. It is possible for an authenticated user to view any task of the current users domain. | ||||||||||||
CVSS v3 Severity: | 3.3 Low (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N) 2.9 Low (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C)
2.9 Low (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C)
| ||||||||||||
CVSS v2 Severity: | 2.1 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N)
| ||||||||||||
Vulnerability Type: | CWE-200 | ||||||||||||
Vulnerability Consequences: | Obtain Information | ||||||||||||
References: | Source: MITRE Type: CNA CVE-2016-0202 Source: CCN Type: IBM Security Bulletin C1000134 (Cloud Orchestrator) Vulnerability has been identified in View All User Domain Tasks of IBM Cloud Orchestrator (CVE-2016-0202 ) Source: CONFIRM Type: Patch, Vendor Advisory http://www.ibm.com/support/docview.wss?uid=swg2C1000134 Source: BID Type: Third Party Advisory, VDB Entry 94578 Source: CCN Type: BID-94578 IBM Cloud Orchestrator CVE-2016-0202 Local Information Disclosure Vulnerability Source: XF Type: UNKNOWN ibm-co-cve20160202-info-disc(109390) | ||||||||||||
Vulnerable Configuration: | Configuration 1: Configuration CCN 1: Denotes that component is vulnerable | ||||||||||||
BACK |