2 matches found
Security Bulletin: Vulnerabilities in IBM Cloud Orchestrator (CVE-2016-0203, CVE-2015-7494)
Summary IBM Cloud Orchestrator has identified Cross Domain Services Action and Virtual Machine Authentication vulnerabilities. IBM Cloud Orchestrator, formerly known as SmartCloud Orchestrator, has addressed these vulnerabilities. Vulnerability Details CVEID: CVE-2016-0203 DESCRIPTION: A...
CVE-2015-7494
The CVE-2015-7494 entry relates to IBM Cloud Orchestrator: an authenticated domain admin could modify cross-domain resources via the services/[action]/launch API if able to obtain a resource identifier from another domain. The IBM bulletin details affected products (IBM Cloud Orchestrator and IBM...