← Back

Cloud Orchestrator Enterprise

cloud_orchestrator_enterprise

Vendor: Ibm • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2019-4398
1Ibm
2Cloud Orchestrator
Cloud Orchestrator Enterprise
Nov 21, 2024
Oct 24, 2019
N/A· v4
3.3 LOW· v3
2.1 LOW· v2
IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise 2.5 through 2.5.0.9 and 2.4 through 2.4.0.5 could allow a local user to obtain sensitive information from SessionManagement cookies. IBM X-Force ID: 162259.
CVE-2019-4397
1Ibm
2Cloud Orchestrator
Cloud Orchestrator Enterprise
Nov 21, 2024
Oct 24, 2019
N/A· v4
6.5 MEDIUM· v3
4.0 MEDIUM· v2
IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise 2.5 through 2.5.0.9 and 2.4 through 2.4.0.5 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties hav...Show more
IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise 2.5 through 2.5.0.9 and 2.4 through 2.4.0.5 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 162239Show less