CVE-2016-0202

Description

A vulnerability has been identified in tasks, backend object generated for handling any action performed by the application in IBM Cloud Orchestrator. It is possible for an authenticated user to view any task of the current users domain.

Affected products

• IBM Corporation / Cloud Orchestrator2.2 – 2.2
• IBM Corporation / Cloud Orchestrator2.2.0.1 – 2.2.0.1
• IBM Corporation / Cloud Orchestrator2.3 – 2.3
• IBM Corporation / Cloud Orchestrator2.4 – 2.4
• IBM Corporation / Cloud Orchestrator2.3.0.1 – 2.3.0.1
• IBM Corporation / Cloud Orchestrator2.4.0.1 – 2.4.0.1
• IBM Corporation / Cloud Orchestrator2.4.0.2 – 2.4.0.2
• IBM Corporation / Cloud Orchestrator2.5 – 2.5
• IBM Corporation / Cloud Orchestrator2.5.0.1 – 2.5.0.1
• IBM Corporation / Cloud Orchestrator2.4.0.3 – 2.4.0.3
• IBM Corporation / Cloud Orchestrator2.5.0.2 – 2.5.0.2

References

• MISChttp://www.securityfocus.com/bid/94578
• MISChttp://www.ibm.com/support/docview.wss?uid=swg2C1000134