1.0.254

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

ibm

critical

NVD

Published: 2023-10-04

Updated: 2023-10-05

Summary

IBM Observability with Instana 1.0.243 through 1.0.254 could allow an attacker on the network to execute arbitrary code on the host after a successful DNS poisoning attack. IBM X-Force ID: 259789.

Vulnerable Configurations

Part	Description	Count
Application	Ibm IBM Observability With Instana 1.0.243 IBM Observability With Instana 1.0.254	2

References

https://www.ibm.com/support/pages/node/7041863
https://exchange.xforce.ibmcloud.com/vulnerabilities/259789