Medium severity6.8NVD Advisory· Published Oct 16, 2016· Updated Jun 17, 2026
CVE-2016-0204
CVE-2016-0204
Description
Open redirect vulnerability in IBM Cloud Orchestrator 2.4.x before 2.4.0 FP3 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
Affected products
4cpe:2.3:a:ibm:cloud_orchestrator:2.4.0.0:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:ibm:cloud_orchestrator:2.4.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:cloud_orchestrator:2.4.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:cloud_orchestrator:2.4.0.2:*:*:*:*:*:*:*
- (no CPE)range: <2.4.0 FP3
Patches
Vulnerability mechanics
References
2- www-01.ibm.com/support/docview.wssnvdPatchVendor Advisory
- www.securityfocus.com/bid/93512nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.