Vulnerabilities (CVE)

Filtered by vendor Ibm Subscribe
Filtered by product Cloud Orchestrator Enterprise
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-4398 1 Ibm 2 Cloud Orchestrator, Cloud Orchestrator Enterprise 2023-12-10 2.1 LOW 3.3 LOW
IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise 2.5 through 2.5.0.9 and 2.4 through 2.4.0.5 could allow a local user to obtain sensitive information from SessionManagement cookies. IBM X-Force ID: 162259.
CVE-2019-4397 1 Ibm 2 Cloud Orchestrator, Cloud Orchestrator Enterprise 2023-12-10 4.0 MEDIUM 6.5 MEDIUM
IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise 2.5 through 2.5.0.9 and 2.4 through 2.4.0.5 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 162239