Vulnerabilities > IBM > Cloud Orchestrator > 2.4.0.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-02-08 | CVE-2016-0206 | Improper Input Validation vulnerability in IBM Cloud Orchestrator IBM Cloud Orchestrator could allow a local authenticated attacker to cause the server to slow down for a short period of time by using a specially crafted and malformed URL. | 2.1 |
| 2017-02-08 | CVE-2016-0203 | Information Exposure vulnerability in IBM Cloud Orchestrator and Smartcloud Orchestrator A vulnerability has been identified in the IBM Cloud Orchestrator task API. | 2.1 |
| 2017-02-08 | CVE-2016-0202 | Information Exposure vulnerability in IBM Cloud Orchestrator A vulnerability has been identified in tasks, backend object generated for handling any action performed by the application in IBM Cloud Orchestrator. | 2.1 |
| 2017-02-08 | CVE-2015-7494 | Improper Access Control vulnerability in IBM Cloud Orchestrator and Smartcloud Orchestrator A vulnerability has been identified in IBM Cloud Orchestrator services/[action]/launch API. | 1.7 |
| 2016-10-16 | CVE-2016-0204 | Open Redirect vulnerability in IBM Cloud Orchestrator 2.4.0.0/2.4.0.1/2.4.0.2 Open redirect vulnerability in IBM Cloud Orchestrator 2.4.x before 2.4.0 FP3 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | 5.8 |