CVE-2015-7494 in Cloud Orchestratorinfo

Summary

A vulnerability has been identified in IBM Cloud Orchestrator services/[action]/launch API. An authenticated domain admin user might modify cross domain resources via a /services/[action]/launch API call, provided it would have been possible for the domain admin user to gain access to a resource identifier of the other domain.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Reservation

09/29/2015

Disclosure

02/08/2017

Moderation

VulDB entry created

Entries

1: VDB-96719

CPE

ready

CWE

CWE-284 (Confirmed)

CVSS

4.6

EPSS

0.00046

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2015-7494
NVD	https://nvd.nist.gov/vuln/detail/CVE-2015-7494
CVE Details	https://www.cvedetails.com/cve/CVE-2015-7494/

◂ Previous Overview Next ▸

Do you know our Splunk app?

Download it now for free!