CVE-2019-4395IBM Cloud Orchestrator vulnerability

3 documents3 sources
Severity
3.3LOWNVD
EPSS
0.1%
top 75.30%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Cloud Orchestrator
Timeline
PublishedOct 25
Latest updateMay 24

Description

IBM Cloud Orchestrator 2.4 through 2.4.0.5 and 2.5 through 2.5.0.9 could allow a local user to obtain sensitive information from temporary script files. IBM X-Force ID: 162333.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 1.8 | Impact: 1.4

Affected Packages2 packages

NVDibm/cloud_orchestrator2.4.0.02.4.0.5+1
CVEListV5ibm/cloud_orchestrator16 versions+15

🔴Vulnerability Details

2
GHSA
GHSA-wpjc-hhjv-c9gh: IBM Cloud Orchestrator 22022-05-24
CVEList
CVE-2019-4395: IBM Cloud Orchestrator 22019-10-25
CVE-2019-4395 — IBM Cloud Orchestrator vulnerability | cvebase