CVE-2016-0202

Published on: 02/08/2017 12:00:00 AM UTC

Last Modified on: 03/23/2021 11:27:14 PM UTC

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Certain versions of Cloud Orchestrator from Ibm contain the following vulnerability:

A vulnerability has been identified in tasks, backend object generated for handling any action performed by the application in IBM Cloud Orchestrator. It is possible for an authenticated user to view any task of the current users domain.

  • CVE-2016-0202 has been assigned by URL Logo [email protected] to track the vulnerability - currently rated as LOW severity.

CVSS3 Score: 3.3 - LOW

Attack
Vector
Attack
Complexity
Privileges
Required
User
Interaction
LOCAL LOW LOW NONE
Scope Confidentiality
Impact
Integrity
Impact
Availability
Impact
UNCHANGED LOW NONE NONE

CVSS2 Score: 2.1 - LOW

Access
Vector
Access
Complexity
Authentication
LOCAL LOW NONE
Confidentiality
Impact
Integrity
Impact
Availability
Impact
PARTIAL NONE NONE

CVE References

Description Tags Link
IBM Security Bulletin: Vulnerability has been identified in View All User Domain Tasks of IBM Cloud Orchestrator (CVE-2016-0202 ) - United States Patch
Vendor Advisory
www.ibm.com
text/html
URL Logo CONFIRM www.ibm.com/support/docview.wss?uid=swg2C1000134
IBM Cloud Orchestrator CVE-2016-0202 Local Information Disclosure Vulnerability Third Party Advisory
VDB Entry
cve.report (archive)
text/html
URL Logo BID 94578

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
ApplicationIbmCloud Orchestrator2.3AllAllAll
ApplicationIbmCloud Orchestrator2.3.0.1AllAllAll
ApplicationIbmCloud Orchestrator2.4AllAllAll
ApplicationIbmCloud Orchestrator2.4.0.1AllAllAll
ApplicationIbmCloud Orchestrator2.4.0.2AllAllAll
ApplicationIbmCloud Orchestrator2.4.0.3AllAllAll
ApplicationIbmCloud Orchestrator2.3AllAllAll
ApplicationIbmCloud Orchestrator2.3.0.1AllAllAll
ApplicationIbmCloud Orchestrator2.4AllAllAll
ApplicationIbmCloud Orchestrator2.4.0.1AllAllAll
ApplicationIbmCloud Orchestrator2.4.0.2AllAllAll
ApplicationIbmCloud Orchestrator2.4.0.3AllAllAll
  • cpe:2.3:a:ibm:cloud_orchestrator:2.3:*:*:*:*:*:*:*:
  • cpe:2.3:a:ibm:cloud_orchestrator:2.3.0.1:*:*:*:*:*:*:*:
  • cpe:2.3:a:ibm:cloud_orchestrator:2.4:*:*:*:*:*:*:*:
  • cpe:2.3:a:ibm:cloud_orchestrator:2.4.0.1:*:*:*:*:*:*:*:
  • cpe:2.3:a:ibm:cloud_orchestrator:2.4.0.2:*:*:*:*:*:*:*:
  • cpe:2.3:a:ibm:cloud_orchestrator:2.4.0.3:*:*:*:*:*:*:*:
  • cpe:2.3:a:ibm:cloud_orchestrator:2.3:*:*:*:*:*:*:*:
  • cpe:2.3:a:ibm:cloud_orchestrator:2.3.0.1:*:*:*:*:*:*:*:
  • cpe:2.3:a:ibm:cloud_orchestrator:2.4:*:*:*:*:*:*:*:
  • cpe:2.3:a:ibm:cloud_orchestrator:2.4.0.1:*:*:*:*:*:*:*:
  • cpe:2.3:a:ibm:cloud_orchestrator:2.4.0.2:*:*:*:*:*:*:*:
  • cpe:2.3:a:ibm:cloud_orchestrator:2.4.0.3:*:*:*:*:*:*:*: