CVSS: 9.1EPSS: 0%CPEs: 3EXPL: 1CVE-2023-27290 – IBM Observability with Instana missing authentication
https://notcve.org/view.php?id=CVE-2023-27290
Docker based datastores for IBM Instana (IBM Observability with Instana 239-0 through 239-2, 241-0 through 241-2, and 243-0) do not currently require authentication. Due to this, an attacker within the network could access the datastores with read/write access. IBM X-Force ID: 248737. Docker based datastores for IBM Instana versions 239-0 through 239-2, 241-0 through 241-2, and 243-0 suffer from a missing authentication vulnerability. • https://www.exploit-db.com/exploits/51314 http://packetstormsecurity.com/files/171770/IBM-Instana-243-0-Missing-Authentication.html https://exchange.xforce.ibmcloud.com/vulnerabilities/248737 https://www.ibm.com/support/pages/node/6959969 • CWE-306: Missing Authentication for Critical Function •