CVE-2019-4394

Summary

IBM Cloud Orchestrator 2.4 through 2.4.0.5 and 2.5 through 2.5.0.9 contain APIs that could be used by a local user to send email. IBM X-Force ID: 162232.

Affected Software

VendorProductVersion RangeStatus
IBMCloud Orchestrator2.4affected
IBMCloud Orchestrator2.4.0.1affected
IBMCloud Orchestrator2.4.0.2affected
IBMCloud Orchestrator2.5affected
IBMCloud Orchestrator2.5.0.1affected
IBMCloud Orchestrator2.4.0.3affected
IBMCloud Orchestrator2.5.0.2affected
IBMCloud Orchestrator2.4.0.4affected
IBMCloud Orchestrator2.5.0.3affected
IBMCloud Orchestrator2.5.0.4affected
IBMCloud Orchestrator2.4.0.5affected
IBMCloud Orchestrator2.5.0.5affected
IBMCloud Orchestrator2.5.0.6affected
IBMCloud Orchestrator2.5.0.7affected
IBMCloud Orchestrator2.5.0.8affected
IBMCloud Orchestrator2.5.0.9affected

Weaknesses

  • Bypass Security

ADP Enrichment

CVE Program Container

Additional References

References