PT-2023-25946 · Ibm · Ibm Observability With Instana
Published
2023-10-03
·
Updated
2023-10-05
·
CVE-2023-37404
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
IBM Observability with Instana versions 1.0.243 through 1.0.254
Description
The issue allows an attacker on the network to execute arbitrary code on the host after a successful DNS poisoning attack.
Recommendations
For versions 1.0.243 through 1.0.254, update to a version outside of this range to mitigate the risk of arbitrary code execution.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Ibm Observability With Instana