IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise 2.5 through 2.5.0.9 and 2.4 through 2.4.0.5 could allow a local user to obtain sensitive information from SessionManagement cookies. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.
IBM
Path Traversal
Information Disclosure
Cloud Orchestrator
Cloud Orchestrator Enterprise
NVD
CVSS 3.1
3.3
EPSS
0.3%