Filtered by vendor Ibm Subscriptions
Filtered by product Cloud Orchestrator Enterprise Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2019-4398 1 Ibm 2 Cloud Orchestrator, Cloud Orchestrator Enterprise 2024-11-21 3.3 Low
IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise 2.5 through 2.5.0.9 and 2.4 through 2.4.0.5 could allow a local user to obtain sensitive information from SessionManagement cookies. IBM X-Force ID: 162259.
CVE-2019-4397 1 Ibm 2 Cloud Orchestrator, Cloud Orchestrator Enterprise 2024-11-21 6.5 Medium
IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise 2.5 through 2.5.0.9 and 2.4 through 2.4.0.5 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 162239