CVE-2016-0202

{"id": "CVE-2016-0202", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 2.1, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 3.3, "attackVector": "LOCAL", "baseSeverity": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 1.8}]}, "published": "2017-02-08T22:59:00.277", "references": [{"url": "http://www.ibm.com/support/docview.wss?uid=swg2C1000134", "tags": ["Patch", "Vendor Advisory"], "source": "psirt@us.ibm.com"}, {"url": "http://www.securityfocus.com/bid/94578", "tags": ["Third Party Advisory", "VDB Entry"], "source": "psirt@us.ibm.com"}, {"url": "http://www.ibm.com/support/docview.wss?uid=swg2C1000134", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/94578", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability has been identified in tasks, backend object generated for handling any action performed by the application in IBM Cloud Orchestrator. It is possible for an authenticated user to view any task of the current users domain."}, {"lang": "es", "value": "Se ha identificado una vulnerabilidad en tareas, objeto de backend generado para manejar cualquier acci\u00f3n realizada por la aplicaci\u00f3n en IBM Cloud Orchestrator. Para un usuario autenticado es posible ver cualquier tarea del dominio actual de los usuarios."}], "lastModified": "2024-11-21T02:41:15.767", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:cloud_orchestrator:2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8227C8AC-7AAC-4DD1-A998-81595B0352DE"}, {"criteria": "cpe:2.3:a:ibm:cloud_orchestrator:2.3.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6982E71E-FD79-47A5-8060-56499F7D00B5"}, {"criteria": "cpe:2.3:a:ibm:cloud_orchestrator:2.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FE37CE11-6A58-4058-B3A0-5A223DC5601B"}, {"criteria": "cpe:2.3:a:ibm:cloud_orchestrator:2.4.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E747BF22-8A13-4073-967F-0C28055B2A45"}, {"criteria": "cpe:2.3:a:ibm:cloud_orchestrator:2.4.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A9B95F0E-F10A-4A0A-B675-73AD50A552B2"}, {"criteria": "cpe:2.3:a:ibm:cloud_orchestrator:2.4.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "42AC5772-6E74-4B9C-815F-ED8C265FED53"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@us.ibm.com"}