Advisory No: TZCERT/SA/2024/07/04-2
Date of First Release: 4th July 2024
Source: IBM
Software Affected: IBM Observability with Instana (OnPrem)
Overview:
WordPress is vulnerable to four critical vulnerabilities. The attackers can leverage the vulnerability to take control of the affected system.
Description:
IBM Observability with Instana (OnPrem) is affected by a vulnerability tracked as CVE-2023-39410 with a CVSS score of 9.8. The flaw results from Apache Avro Java SDK that could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization.
Impact:
Successful exploitation of this vulnerability may allow an attacker to take control or cause a denial of service condition of the affected system
Solution:
IBM has released a security patch for this vulnerability. Users and administrators are encouraged to apply necessary updates.
References: