Medium Severity

IBM Security Bulletin: A security vulnerability affects IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise Edition (CVE-2019-4397)

Share this post:

IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise has identified and addressed the vulnerability because of unencrypted sensitive data.

CVE(s): CVE-2019-4397

Affected product(s) and affected version(s):

IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise 2.5, 2.5.0.1, 2.5.0.2, 2.5.0.3, 2.5.0.4, 2.5.0.5, 2.5.0.6, 2.5.0.7, 2.5.0.8, 2.5.0.9

IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise 2.4, 2.4.0.1, 2.4.0.2, 2.4.0.3, 2.4.0.4, 2.4.0.5

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www.ibm.com/support/pages/node/1077147
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/162239

More stories

Security Bulletin: Man in the middle vulnerability CVE-2014-3603 affects Websphere Liberty and OpenLiberty used by MobileFirst Platform Foundation

Feb 27, 2020 7:01 pm EST | Medium Severity

IBM MobileFirst Platform Foundation has addressed the following vulnerability.Man in the middle vulnerability CVE-2014-3603 affects Websphere Liberty and OpenLiberty ...read more


Security Bulletin: WebSphere Application Server Liberty vulnerabilities affect IBM Spectrum Control (formerly Tivoli Storage Productivity Center) (CVE-2019-4663 and CVE-2019-4720)

Feb 27, 2020 7:00 pm EST | Medium Severity

Security vulnerabilities in IBM WebSphere Application Server Liberty affect IBM Spectrum Control (formerly Tivoli Storage Productivity Center). IBM Spectrum Control has addressed the following CVEs. ...read more


Security Bulletin: MobileFirst Platform Foundation is affected by WebSphere Application Server Liberty is affected by Apache Commons Compress vulnerability (CVE-2019-12402)

Feb 27, 2020 7:00 pm EST | Medium Severity

IBM MobileFirst Platform Foundation has addressed the following vulnerability.WebSphere Application Server Liberty is affected by Apache Commons Compress vulnerability ...read more