IBM Cloud Orchestrator 2.4 up to and including 2.4.0.5 and 2.5 up to and including 2.5.0.9 is vulnerable to HTTP Response Splitting caused by improper caching of content. This would allow the malicious user to perform further attacks, such as Web Cache poisoning, cross-site scripting and possibly obtain sensitive information. IBM X-Force ID: 163682.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm cloud orchestrator |