CVE-2023-37404

Summary

IBM Observability with Instana 1.0.243 through 1.0.254 could allow an attacker on the network to execute arbitrary code on the host after a successful DNS poisoning attack. IBM X-Force ID: 259789.

Affected Software

VendorProductVersion RangeStatus
IBMObservability with Instana1.0.243 <= 1.0.254affected

Weaknesses

  • 940 Improper Verification of Source of a Communication Channel

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References