Vulnerabilities > IBM > Cloud Orchestrator > 2.5
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-24 | CVE-2019-4398 | Missing Encryption of Sensitive Data vulnerability in IBM Cloud Orchestrator and Cloud Orchestrator Enterprise IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise 2.5 through 2.5.0.9 and 2.4 through 2.4.0.5 could allow a local user to obtain sensitive information from SessionManagement cookies. | 2.1 |
| 2017-02-08 | CVE-2016-0203 | Information Exposure vulnerability in IBM Cloud Orchestrator and Smartcloud Orchestrator A vulnerability has been identified in the IBM Cloud Orchestrator task API. | 2.1 |
| 2017-02-08 | CVE-2015-7494 | Improper Access Control vulnerability in IBM Cloud Orchestrator and Smartcloud Orchestrator A vulnerability has been identified in IBM Cloud Orchestrator services/[action]/launch API. | 1.7 |