Arbitrary code execution vulnerability on IBM Instana Observability (CVE-2023-39410)

Advisory No: TZCERT/SA/2024/07/04-2

Date of First Release: 4th July 2024

Source: IBM

Software Affected: IBM Observability with Instana (OnPrem)

Overview:

IBM Observability with Instana (OnPrem) is affected by a critical vulnerability. Attackers can leverage the vulnerability to take control of the affected system.

Description:

IBM Observability with Instana (OnPrem) is affected by a vulnerability tracked as CVE-2023-39410, with a CVSS score of 9.8. The flaw is in the Apache Avro Java SDK and is caused by unsafe deserialization; it could allow a remote authenticated attacker to execute arbitrary code on the system.

Impact:

Successful exploitation of this vulnerability may allow an attacker to take control of the affected system or cause a denial-of-service condition.

Solution:

IBM has released a security patch for this vulnerability. Users and administrators are encouraged to apply the necessary updates.

References:

  1. https://www.ibm.com/support/pages/node/7159660
