Vulnerabilities > CVE-2023-27290 - Unspecified vulnerability in IBM Observability With Instana
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
NONE Summary
Docker based datastores for IBM Instana (IBM Observability with Instana 239-0 through 239-2, 241-0 through 241-2, and 243-0) do not currently require authentication. Due to this, an attacker within the network could access the datastores with read/write access. IBM X-Force ID: 248737.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 5 |
References
- http://packetstormsecurity.com/files/171770/IBM-Instana-243-0-Missing-Authentication.html
- http://packetstormsecurity.com/files/171770/IBM-Instana-243-0-Missing-Authentication.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/248737
- https://exchange.xforce.ibmcloud.com/vulnerabilities/248737
- https://www.ibm.com/support/pages/node/6959969
- https://www.ibm.com/support/pages/node/6959969