Search

Find a vulnerability

Search criteria

    8 vulnerabilities found for Cloud Orchestrator by IBM Corporation

    CVE-2016-0206 (GCVE-0-2016-0206)

    Vulnerability from nvd – Published: 2017-02-08 22:00 – Updated: 2024-08-05 22:08
    VLAI
    Summary
    IBM Cloud Orchestrator could allow a local authenticated attacker to cause the server to slow down for a short period of time by using a specially crafted and malformed URL.
    Severity
    No CVSS data available.
    CWE
    • Denial of Service
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM Corporation Cloud Orchestrator Affected: 2.2
    Affected: 2.2.0.1
    Affected: 2.3
    Affected: 2.4
    Affected: 2.3.0.1
    Affected: 2.4.0.1
    Affected: 2.4.0.2
    Affected: 2.5
    Affected: 2.5.0.1
    Affected: 2.4.0.3
    Affected: 2.5.0.2
    Create a notification for this product.
    Date Public
    2016-10-30 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T22:08:13.339Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.ibm.com/support/docview.wss?uid=swg2C1000141"
              },
              {
                "name": "94656",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94656"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cloud Orchestrator",
              "vendor": "IBM Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.2"
                },
                {
                  "status": "affected",
                  "version": "2.2.0.1"
                },
                {
                  "status": "affected",
                  "version": "2.3"
                },
                {
                  "status": "affected",
                  "version": "2.4"
                },
                {
                  "status": "affected",
                  "version": "2.3.0.1"
                },
                {
                  "status": "affected",
                  "version": "2.4.0.1"
                },
                {
                  "status": "affected",
                  "version": "2.4.0.2"
                },
                {
                  "status": "affected",
                  "version": "2.5"
                },
                {
                  "status": "affected",
                  "version": "2.5.0.1"
                },
                {
                  "status": "affected",
                  "version": "2.4.0.3"
                },
                {
                  "status": "affected",
                  "version": "2.5.0.2"
                }
              ]
            }
          ],
          "datePublic": "2016-10-30T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IBM Cloud Orchestrator could allow a local authenticated attacker to cause the server to slow down for a short period of time by using a specially crafted and malformed URL."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Denial of Service",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-02-09T10:57:02.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.ibm.com/support/docview.wss?uid=swg2C1000141"
            },
            {
              "name": "94656",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94656"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "ID": "CVE-2016-0206",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cloud Orchestrator",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "2.2"
                              },
                              {
                                "version_value": "2.2.0.1"
                              },
                              {
                                "version_value": "2.3"
                              },
                              {
                                "version_value": "2.4"
                              },
                              {
                                "version_value": "2.3.0.1"
                              },
                              {
                                "version_value": "2.4.0.1"
                              },
                              {
                                "version_value": "2.4.0.2"
                              },
                              {
                                "version_value": "2.5"
                              },
                              {
                                "version_value": "2.5.0.1"
                              },
                              {
                                "version_value": "2.4.0.3"
                              },
                              {
                                "version_value": "2.5.0.2"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "IBM Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "IBM Cloud Orchestrator could allow a local authenticated attacker to cause the server to slow down for a short period of time by using a specially crafted and malformed URL."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Denial of Service"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.ibm.com/support/docview.wss?uid=swg2C1000141",
                  "refsource": "CONFIRM",
                  "url": "http://www.ibm.com/support/docview.wss?uid=swg2C1000141"
                },
                {
                  "name": "94656",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94656"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2016-0206",
        "datePublished": "2017-02-08T22:00:00.000Z",
        "dateReserved": "2015-12-08T00:00:00.000Z",
        "dateUpdated": "2024-08-05T22:08:13.339Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-0203 (GCVE-0-2016-0203)

    Vulnerability from nvd – Published: 2017-02-08 22:00 – Updated: 2024-08-05 22:08
    VLAI
    Summary
    A vulnerability has been identified in the IBM Cloud Orchestrator task API. The task API might allow an authenticated user to view background information associated with actions performed on virtual machines in projects where the user belongs to.
    Severity
    No CVSS data available.
    CWE
    • Obtain Information
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM Corporation Cloud Orchestrator Affected: 2.2
    Affected: 2.2.0.1
    Affected: 2.3
    Affected: 2.4
    Affected: 2.3.0.1
    Affected: 2.4.0.1
    Affected: 2.4.0.2
    Affected: 2.5
    Affected: 2.5.0.1
    Affected: 2.4.0.3
    Affected: 2.5.0.2
    Create a notification for this product.
    Date Public
    2016-11-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T22:08:13.336Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "94440",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94440"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.ibm.com/support/docview.wss?uid=swg2C1000140"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cloud Orchestrator",
              "vendor": "IBM Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.2"
                },
                {
                  "status": "affected",
                  "version": "2.2.0.1"
                },
                {
                  "status": "affected",
                  "version": "2.3"
                },
                {
                  "status": "affected",
                  "version": "2.4"
                },
                {
                  "status": "affected",
                  "version": "2.3.0.1"
                },
                {
                  "status": "affected",
                  "version": "2.4.0.1"
                },
                {
                  "status": "affected",
                  "version": "2.4.0.2"
                },
                {
                  "status": "affected",
                  "version": "2.5"
                },
                {
                  "status": "affected",
                  "version": "2.5.0.1"
                },
                {
                  "status": "affected",
                  "version": "2.4.0.3"
                },
                {
                  "status": "affected",
                  "version": "2.5.0.2"
                }
              ]
            }
          ],
          "datePublic": "2016-11-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in the IBM Cloud Orchestrator task API. The task API might allow an authenticated user to view background information associated with actions performed on virtual machines in projects where the user belongs to."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Obtain Information",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-02-09T10:57:02.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "name": "94440",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94440"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.ibm.com/support/docview.wss?uid=swg2C1000140"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "ID": "CVE-2016-0203",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cloud Orchestrator",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "2.2"
                              },
                              {
                                "version_value": "2.2.0.1"
                              },
                              {
                                "version_value": "2.3"
                              },
                              {
                                "version_value": "2.4"
                              },
                              {
                                "version_value": "2.3.0.1"
                              },
                              {
                                "version_value": "2.4.0.1"
                              },
                              {
                                "version_value": "2.4.0.2"
                              },
                              {
                                "version_value": "2.5"
                              },
                              {
                                "version_value": "2.5.0.1"
                              },
                              {
                                "version_value": "2.4.0.3"
                              },
                              {
                                "version_value": "2.5.0.2"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "IBM Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability has been identified in the IBM Cloud Orchestrator task API. The task API might allow an authenticated user to view background information associated with actions performed on virtual machines in projects where the user belongs to."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Obtain Information"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "94440",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94440"
                },
                {
                  "name": "http://www.ibm.com/support/docview.wss?uid=swg2C1000140",
                  "refsource": "CONFIRM",
                  "url": "http://www.ibm.com/support/docview.wss?uid=swg2C1000140"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2016-0203",
        "datePublished": "2017-02-08T22:00:00.000Z",
        "dateReserved": "2015-12-08T00:00:00.000Z",
        "dateUpdated": "2024-08-05T22:08:13.336Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-0202 (GCVE-0-2016-0202)

    Vulnerability from nvd – Published: 2017-02-08 22:00 – Updated: 2024-08-05 22:08
    VLAI
    Summary
    A vulnerability has been identified in tasks, backend object generated for handling any action performed by the application in IBM Cloud Orchestrator. It is possible for an authenticated user to view any task of the current users domain.
    Severity
    No CVSS data available.
    CWE
    • Obtain Information
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM Corporation Cloud Orchestrator Affected: 2.2
    Affected: 2.2.0.1
    Affected: 2.3
    Affected: 2.4
    Affected: 2.3.0.1
    Affected: 2.4.0.1
    Affected: 2.4.0.2
    Affected: 2.5
    Affected: 2.5.0.1
    Affected: 2.4.0.3
    Affected: 2.5.0.2
    Create a notification for this product.
    Date Public
    2016-11-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T22:08:13.344Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "94578",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94578"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.ibm.com/support/docview.wss?uid=swg2C1000134"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cloud Orchestrator",
              "vendor": "IBM Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.2"
                },
                {
                  "status": "affected",
                  "version": "2.2.0.1"
                },
                {
                  "status": "affected",
                  "version": "2.3"
                },
                {
                  "status": "affected",
                  "version": "2.4"
                },
                {
                  "status": "affected",
                  "version": "2.3.0.1"
                },
                {
                  "status": "affected",
                  "version": "2.4.0.1"
                },
                {
                  "status": "affected",
                  "version": "2.4.0.2"
                },
                {
                  "status": "affected",
                  "version": "2.5"
                },
                {
                  "status": "affected",
                  "version": "2.5.0.1"
                },
                {
                  "status": "affected",
                  "version": "2.4.0.3"
                },
                {
                  "status": "affected",
                  "version": "2.5.0.2"
                }
              ]
            }
          ],
          "datePublic": "2016-11-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in tasks, backend object generated for handling any action performed by the application in IBM Cloud Orchestrator. It is possible for an authenticated user to view any task of the current users domain."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Obtain Information",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-02-09T10:57:02.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "name": "94578",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94578"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.ibm.com/support/docview.wss?uid=swg2C1000134"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "ID": "CVE-2016-0202",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cloud Orchestrator",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "2.2"
                              },
                              {
                                "version_value": "2.2.0.1"
                              },
                              {
                                "version_value": "2.3"
                              },
                              {
                                "version_value": "2.4"
                              },
                              {
                                "version_value": "2.3.0.1"
                              },
                              {
                                "version_value": "2.4.0.1"
                              },
                              {
                                "version_value": "2.4.0.2"
                              },
                              {
                                "version_value": "2.5"
                              },
                              {
                                "version_value": "2.5.0.1"
                              },
                              {
                                "version_value": "2.4.0.3"
                              },
                              {
                                "version_value": "2.5.0.2"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "IBM Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability has been identified in tasks, backend object generated for handling any action performed by the application in IBM Cloud Orchestrator. It is possible for an authenticated user to view any task of the current users domain."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Obtain Information"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "94578",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94578"
                },
                {
                  "name": "http://www.ibm.com/support/docview.wss?uid=swg2C1000134",
                  "refsource": "CONFIRM",
                  "url": "http://www.ibm.com/support/docview.wss?uid=swg2C1000134"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2016-0202",
        "datePublished": "2017-02-08T22:00:00.000Z",
        "dateReserved": "2015-12-08T00:00:00.000Z",
        "dateUpdated": "2024-08-05T22:08:13.344Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2015-7494 (GCVE-0-2015-7494)

    Vulnerability from nvd – Published: 2017-02-08 22:00 – Updated: 2024-08-06 07:51
    VLAI
    Summary
    A vulnerability has been identified in IBM Cloud Orchestrator services/[action]/launch API. An authenticated domain admin user might modify cross domain resources via a /services/[action]/launch API call, provided it would have been possible for the domain admin user to gain access to a resource identifier of the other domain.
    Severity
    No CVSS data available.
    CWE
    • Gain Access
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM Corporation Cloud Orchestrator Affected: 2.2
    Affected: 2.2.0.1
    Affected: 2.3
    Affected: 2.4
    Affected: 2.3.0.1
    Affected: 2.4.0.1
    Affected: 2.4.0.2
    Affected: 2.5
    Affected: 2.5.0.1
    Affected: 2.4.0.3
    Affected: 2.5.0.2
    Create a notification for this product.
    Date Public
    2016-11-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T07:51:28.123Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.ibm.com/support/docview.wss?uid=swg2C1000140"
              },
              {
                "name": "94438",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94438"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cloud Orchestrator",
              "vendor": "IBM Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.2"
                },
                {
                  "status": "affected",
                  "version": "2.2.0.1"
                },
                {
                  "status": "affected",
                  "version": "2.3"
                },
                {
                  "status": "affected",
                  "version": "2.4"
                },
                {
                  "status": "affected",
                  "version": "2.3.0.1"
                },
                {
                  "status": "affected",
                  "version": "2.4.0.1"
                },
                {
                  "status": "affected",
                  "version": "2.4.0.2"
                },
                {
                  "status": "affected",
                  "version": "2.5"
                },
                {
                  "status": "affected",
                  "version": "2.5.0.1"
                },
                {
                  "status": "affected",
                  "version": "2.4.0.3"
                },
                {
                  "status": "affected",
                  "version": "2.5.0.2"
                }
              ]
            }
          ],
          "datePublic": "2016-11-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in IBM Cloud Orchestrator services/[action]/launch API. An authenticated domain admin user might modify cross domain resources via a /services/[action]/launch API call, provided it would have been possible for the domain admin user to gain access to a resource identifier of the other domain."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Gain Access",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-02-09T10:57:02.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.ibm.com/support/docview.wss?uid=swg2C1000140"
            },
            {
              "name": "94438",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94438"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "ID": "CVE-2015-7494",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cloud Orchestrator",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "2.2"
                              },
                              {
                                "version_value": "2.2.0.1"
                              },
                              {
                                "version_value": "2.3"
                              },
                              {
                                "version_value": "2.4"
                              },
                              {
                                "version_value": "2.3.0.1"
                              },
                              {
                                "version_value": "2.4.0.1"
                              },
                              {
                                "version_value": "2.4.0.2"
                              },
                              {
                                "version_value": "2.5"
                              },
                              {
                                "version_value": "2.5.0.1"
                              },
                              {
                                "version_value": "2.4.0.3"
                              },
                              {
                                "version_value": "2.5.0.2"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "IBM Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability has been identified in IBM Cloud Orchestrator services/[action]/launch API. An authenticated domain admin user might modify cross domain resources via a /services/[action]/launch API call, provided it would have been possible for the domain admin user to gain access to a resource identifier of the other domain."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Gain Access"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.ibm.com/support/docview.wss?uid=swg2C1000140",
                  "refsource": "CONFIRM",
                  "url": "http://www.ibm.com/support/docview.wss?uid=swg2C1000140"
                },
                {
                  "name": "94438",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94438"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2015-7494",
        "datePublished": "2017-02-08T22:00:00.000Z",
        "dateReserved": "2015-09-29T00:00:00.000Z",
        "dateUpdated": "2024-08-06T07:51:28.123Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-0202 (GCVE-0-2016-0202)

    Vulnerability from cvelistv5 – Published: 2017-02-08 22:00 – Updated: 2024-08-05 22:08
    VLAI
    Summary
    A vulnerability has been identified in tasks, backend object generated for handling any action performed by the application in IBM Cloud Orchestrator. It is possible for an authenticated user to view any task of the current users domain.
    Severity
    No CVSS data available.
    CWE
    • Obtain Information
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM Corporation Cloud Orchestrator Affected: 2.2
    Affected: 2.2.0.1
    Affected: 2.3
    Affected: 2.4
    Affected: 2.3.0.1
    Affected: 2.4.0.1
    Affected: 2.4.0.2
    Affected: 2.5
    Affected: 2.5.0.1
    Affected: 2.4.0.3
    Affected: 2.5.0.2
    Create a notification for this product.
    Date Public
    2016-11-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T22:08:13.344Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "94578",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94578"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.ibm.com/support/docview.wss?uid=swg2C1000134"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cloud Orchestrator",
              "vendor": "IBM Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.2"
                },
                {
                  "status": "affected",
                  "version": "2.2.0.1"
                },
                {
                  "status": "affected",
                  "version": "2.3"
                },
                {
                  "status": "affected",
                  "version": "2.4"
                },
                {
                  "status": "affected",
                  "version": "2.3.0.1"
                },
                {
                  "status": "affected",
                  "version": "2.4.0.1"
                },
                {
                  "status": "affected",
                  "version": "2.4.0.2"
                },
                {
                  "status": "affected",
                  "version": "2.5"
                },
                {
                  "status": "affected",
                  "version": "2.5.0.1"
                },
                {
                  "status": "affected",
                  "version": "2.4.0.3"
                },
                {
                  "status": "affected",
                  "version": "2.5.0.2"
                }
              ]
            }
          ],
          "datePublic": "2016-11-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in tasks, backend object generated for handling any action performed by the application in IBM Cloud Orchestrator. It is possible for an authenticated user to view any task of the current users domain."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Obtain Information",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-02-09T10:57:02.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "name": "94578",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94578"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.ibm.com/support/docview.wss?uid=swg2C1000134"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "ID": "CVE-2016-0202",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cloud Orchestrator",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "2.2"
                              },
                              {
                                "version_value": "2.2.0.1"
                              },
                              {
                                "version_value": "2.3"
                              },
                              {
                                "version_value": "2.4"
                              },
                              {
                                "version_value": "2.3.0.1"
                              },
                              {
                                "version_value": "2.4.0.1"
                              },
                              {
                                "version_value": "2.4.0.2"
                              },
                              {
                                "version_value": "2.5"
                              },
                              {
                                "version_value": "2.5.0.1"
                              },
                              {
                                "version_value": "2.4.0.3"
                              },
                              {
                                "version_value": "2.5.0.2"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "IBM Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability has been identified in tasks, backend object generated for handling any action performed by the application in IBM Cloud Orchestrator. It is possible for an authenticated user to view any task of the current users domain."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Obtain Information"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "94578",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94578"
                },
                {
                  "name": "http://www.ibm.com/support/docview.wss?uid=swg2C1000134",
                  "refsource": "CONFIRM",
                  "url": "http://www.ibm.com/support/docview.wss?uid=swg2C1000134"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2016-0202",
        "datePublished": "2017-02-08T22:00:00.000Z",
        "dateReserved": "2015-12-08T00:00:00.000Z",
        "dateUpdated": "2024-08-05T22:08:13.344Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2015-7494 (GCVE-0-2015-7494)

    Vulnerability from cvelistv5 – Published: 2017-02-08 22:00 – Updated: 2024-08-06 07:51
    VLAI
    Summary
    A vulnerability has been identified in IBM Cloud Orchestrator services/[action]/launch API. An authenticated domain admin user might modify cross domain resources via a /services/[action]/launch API call, provided it would have been possible for the domain admin user to gain access to a resource identifier of the other domain.
    Severity
    No CVSS data available.
    CWE
    • Gain Access
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM Corporation Cloud Orchestrator Affected: 2.2
    Affected: 2.2.0.1
    Affected: 2.3
    Affected: 2.4
    Affected: 2.3.0.1
    Affected: 2.4.0.1
    Affected: 2.4.0.2
    Affected: 2.5
    Affected: 2.5.0.1
    Affected: 2.4.0.3
    Affected: 2.5.0.2
    Create a notification for this product.
    Date Public
    2016-11-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T07:51:28.123Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.ibm.com/support/docview.wss?uid=swg2C1000140"
              },
              {
                "name": "94438",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94438"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cloud Orchestrator",
              "vendor": "IBM Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.2"
                },
                {
                  "status": "affected",
                  "version": "2.2.0.1"
                },
                {
                  "status": "affected",
                  "version": "2.3"
                },
                {
                  "status": "affected",
                  "version": "2.4"
                },
                {
                  "status": "affected",
                  "version": "2.3.0.1"
                },
                {
                  "status": "affected",
                  "version": "2.4.0.1"
                },
                {
                  "status": "affected",
                  "version": "2.4.0.2"
                },
                {
                  "status": "affected",
                  "version": "2.5"
                },
                {
                  "status": "affected",
                  "version": "2.5.0.1"
                },
                {
                  "status": "affected",
                  "version": "2.4.0.3"
                },
                {
                  "status": "affected",
                  "version": "2.5.0.2"
                }
              ]
            }
          ],
          "datePublic": "2016-11-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in IBM Cloud Orchestrator services/[action]/launch API. An authenticated domain admin user might modify cross domain resources via a /services/[action]/launch API call, provided it would have been possible for the domain admin user to gain access to a resource identifier of the other domain."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Gain Access",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-02-09T10:57:02.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.ibm.com/support/docview.wss?uid=swg2C1000140"
            },
            {
              "name": "94438",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94438"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "ID": "CVE-2015-7494",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cloud Orchestrator",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "2.2"
                              },
                              {
                                "version_value": "2.2.0.1"
                              },
                              {
                                "version_value": "2.3"
                              },
                              {
                                "version_value": "2.4"
                              },
                              {
                                "version_value": "2.3.0.1"
                              },
                              {
                                "version_value": "2.4.0.1"
                              },
                              {
                                "version_value": "2.4.0.2"
                              },
                              {
                                "version_value": "2.5"
                              },
                              {
                                "version_value": "2.5.0.1"
                              },
                              {
                                "version_value": "2.4.0.3"
                              },
                              {
                                "version_value": "2.5.0.2"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "IBM Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability has been identified in IBM Cloud Orchestrator services/[action]/launch API. An authenticated domain admin user might modify cross domain resources via a /services/[action]/launch API call, provided it would have been possible for the domain admin user to gain access to a resource identifier of the other domain."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Gain Access"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.ibm.com/support/docview.wss?uid=swg2C1000140",
                  "refsource": "CONFIRM",
                  "url": "http://www.ibm.com/support/docview.wss?uid=swg2C1000140"
                },
                {
                  "name": "94438",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94438"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2015-7494",
        "datePublished": "2017-02-08T22:00:00.000Z",
        "dateReserved": "2015-09-29T00:00:00.000Z",
        "dateUpdated": "2024-08-06T07:51:28.123Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-0203 (GCVE-0-2016-0203)

    Vulnerability from cvelistv5 – Published: 2017-02-08 22:00 – Updated: 2024-08-05 22:08
    VLAI
    Summary
    A vulnerability has been identified in the IBM Cloud Orchestrator task API. The task API might allow an authenticated user to view background information associated with actions performed on virtual machines in projects where the user belongs to.
    Severity
    No CVSS data available.
    CWE
    • Obtain Information
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM Corporation Cloud Orchestrator Affected: 2.2
    Affected: 2.2.0.1
    Affected: 2.3
    Affected: 2.4
    Affected: 2.3.0.1
    Affected: 2.4.0.1
    Affected: 2.4.0.2
    Affected: 2.5
    Affected: 2.5.0.1
    Affected: 2.4.0.3
    Affected: 2.5.0.2
    Create a notification for this product.
    Date Public
    2016-11-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T22:08:13.336Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "94440",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94440"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.ibm.com/support/docview.wss?uid=swg2C1000140"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cloud Orchestrator",
              "vendor": "IBM Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.2"
                },
                {
                  "status": "affected",
                  "version": "2.2.0.1"
                },
                {
                  "status": "affected",
                  "version": "2.3"
                },
                {
                  "status": "affected",
                  "version": "2.4"
                },
                {
                  "status": "affected",
                  "version": "2.3.0.1"
                },
                {
                  "status": "affected",
                  "version": "2.4.0.1"
                },
                {
                  "status": "affected",
                  "version": "2.4.0.2"
                },
                {
                  "status": "affected",
                  "version": "2.5"
                },
                {
                  "status": "affected",
                  "version": "2.5.0.1"
                },
                {
                  "status": "affected",
                  "version": "2.4.0.3"
                },
                {
                  "status": "affected",
                  "version": "2.5.0.2"
                }
              ]
            }
          ],
          "datePublic": "2016-11-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability has been identified in the IBM Cloud Orchestrator task API. The task API might allow an authenticated user to view background information associated with actions performed on virtual machines in projects where the user belongs to."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Obtain Information",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-02-09T10:57:02.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "name": "94440",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94440"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.ibm.com/support/docview.wss?uid=swg2C1000140"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "ID": "CVE-2016-0203",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cloud Orchestrator",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "2.2"
                              },
                              {
                                "version_value": "2.2.0.1"
                              },
                              {
                                "version_value": "2.3"
                              },
                              {
                                "version_value": "2.4"
                              },
                              {
                                "version_value": "2.3.0.1"
                              },
                              {
                                "version_value": "2.4.0.1"
                              },
                              {
                                "version_value": "2.4.0.2"
                              },
                              {
                                "version_value": "2.5"
                              },
                              {
                                "version_value": "2.5.0.1"
                              },
                              {
                                "version_value": "2.4.0.3"
                              },
                              {
                                "version_value": "2.5.0.2"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "IBM Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A vulnerability has been identified in the IBM Cloud Orchestrator task API. The task API might allow an authenticated user to view background information associated with actions performed on virtual machines in projects where the user belongs to."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Obtain Information"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "94440",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94440"
                },
                {
                  "name": "http://www.ibm.com/support/docview.wss?uid=swg2C1000140",
                  "refsource": "CONFIRM",
                  "url": "http://www.ibm.com/support/docview.wss?uid=swg2C1000140"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2016-0203",
        "datePublished": "2017-02-08T22:00:00.000Z",
        "dateReserved": "2015-12-08T00:00:00.000Z",
        "dateUpdated": "2024-08-05T22:08:13.336Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2016-0206 (GCVE-0-2016-0206)

    Vulnerability from cvelistv5 – Published: 2017-02-08 22:00 – Updated: 2024-08-05 22:08
    VLAI
    Summary
    IBM Cloud Orchestrator could allow a local authenticated attacker to cause the server to slow down for a short period of time by using a specially crafted and malformed URL.
    Severity
    No CVSS data available.
    CWE
    • Denial of Service
    Assigner
    ibm
    References
    Impacted products
    Vendor Product Version
    IBM Corporation Cloud Orchestrator Affected: 2.2
    Affected: 2.2.0.1
    Affected: 2.3
    Affected: 2.4
    Affected: 2.3.0.1
    Affected: 2.4.0.1
    Affected: 2.4.0.2
    Affected: 2.5
    Affected: 2.5.0.1
    Affected: 2.4.0.3
    Affected: 2.5.0.2
    Create a notification for this product.
    Date Public
    2016-10-30 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T22:08:13.339Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.ibm.com/support/docview.wss?uid=swg2C1000141"
              },
              {
                "name": "94656",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/94656"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Cloud Orchestrator",
              "vendor": "IBM Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "2.2"
                },
                {
                  "status": "affected",
                  "version": "2.2.0.1"
                },
                {
                  "status": "affected",
                  "version": "2.3"
                },
                {
                  "status": "affected",
                  "version": "2.4"
                },
                {
                  "status": "affected",
                  "version": "2.3.0.1"
                },
                {
                  "status": "affected",
                  "version": "2.4.0.1"
                },
                {
                  "status": "affected",
                  "version": "2.4.0.2"
                },
                {
                  "status": "affected",
                  "version": "2.5"
                },
                {
                  "status": "affected",
                  "version": "2.5.0.1"
                },
                {
                  "status": "affected",
                  "version": "2.4.0.3"
                },
                {
                  "status": "affected",
                  "version": "2.5.0.2"
                }
              ]
            }
          ],
          "datePublic": "2016-10-30T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "IBM Cloud Orchestrator could allow a local authenticated attacker to cause the server to slow down for a short period of time by using a specially crafted and malformed URL."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Denial of Service",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-02-09T10:57:02.000Z",
            "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
            "shortName": "ibm"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.ibm.com/support/docview.wss?uid=swg2C1000141"
            },
            {
              "name": "94656",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/94656"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "psirt@us.ibm.com",
              "ID": "CVE-2016-0206",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Cloud Orchestrator",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "2.2"
                              },
                              {
                                "version_value": "2.2.0.1"
                              },
                              {
                                "version_value": "2.3"
                              },
                              {
                                "version_value": "2.4"
                              },
                              {
                                "version_value": "2.3.0.1"
                              },
                              {
                                "version_value": "2.4.0.1"
                              },
                              {
                                "version_value": "2.4.0.2"
                              },
                              {
                                "version_value": "2.5"
                              },
                              {
                                "version_value": "2.5.0.1"
                              },
                              {
                                "version_value": "2.4.0.3"
                              },
                              {
                                "version_value": "2.5.0.2"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "IBM Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "IBM Cloud Orchestrator could allow a local authenticated attacker to cause the server to slow down for a short period of time by using a specially crafted and malformed URL."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Denial of Service"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.ibm.com/support/docview.wss?uid=swg2C1000141",
                  "refsource": "CONFIRM",
                  "url": "http://www.ibm.com/support/docview.wss?uid=swg2C1000141"
                },
                {
                  "name": "94656",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/94656"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "assignerShortName": "ibm",
        "cveId": "CVE-2016-0206",
        "datePublished": "2017-02-08T22:00:00.000Z",
        "dateReserved": "2015-12-08T00:00:00.000Z",
        "dateUpdated": "2024-08-05T22:08:13.339Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }