CVE-2019-4394 — Improper Input Validation in IBM Cloud Orchestrator
Severity
2.3LOWNVD
EPSS
0.1%
top 73.82%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedOct 25
Latest updateMay 24
Description
IBM Cloud Orchestrator 2.4 through 2.4.0.5 and 2.5 through 2.5.0.9 contain APIs that could be used by a local user to send email. IBM X-Force ID: 162232.
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:NExploitability: 0.8 | Impact: 1.4