Ibm Observability With Instana vulnerabilities
2 known vulnerabilities affecting ibm/observability_with_instana.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL2
Vulnerabilities
Page 1 of 1
CVE-2023-27290P2CRITICALCVSS 9.1PoC≥ 239-0, ≤ 239-2≥ 241-0, ≤ 241-2+3 more2023-03-03
CVE-2023-27290 [CRITICAL] CWE-306 CVE-2023-27290: Docker based datastores for IBM Instana (IBM Observability with Instana 239-0 through 239-2, 241-0 t
Docker based datastores for IBM Instana (IBM Observability with Instana 239-0 through 239-2, 241-0 through 241-2, and 243-0) do not currently require authentication. Due to this, an attacker within the network could access the datastores with read/write access. IBM X-Force ID: 248737.
nvd
CVE-2023-37404P3CRITICALCVSS 9.8≥ 1.0.243, < 1.0.255≥ 1.0.243, ≤ 1.0.2542023-10-04
CVE-2023-37404 [CRITICAL] CVE-2023-37404: IBM Observability with Instana 1.0.243 through 1.0.254 could allow an attacker on the network to exe
IBM Observability with Instana 1.0.243 through 1.0.254 could allow an attacker on the network to execute arbitrary code on the host after a successful DNS poisoning attack. IBM X-Force ID: 259789.
nvd