Medium severity6.5NVD Advisory· Published Oct 24, 2019· Updated Jun 17, 2026
CVE-2019-4397
CVE-2019-4397
Description
IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise 2.5 through 2.5.0.9 and 2.4 through 2.4.0.5 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 162239
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3>= 2.4 <= 2.4.0.5, >= 2.5 <= 2.5.0.9+ 2 more
- (no CPE)range: >= 2.4 <= 2.4.0.5, >= 2.5 <= 2.5.0.9
- (no CPE)range: >= 2.4 <= 2.4.0.5, >= 2.5 <= 2.5.0.9
- (no CPE)range: 2.4
Patches
Vulnerability mechanics
References
2- www.ibm.com/support/pages/node/1077147nvdPatchVendor Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/162239nvdVDB EntryVendor Advisory
News mentions
0No linked articles in our index yet.