Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
IBM Observability with Instana missing authentication
Vulnerability Description
Docker based datastores for IBM Instana (IBM Observability with Instana 239-0 through 239-2, 241-0 through 241-2, and 243-0) do not currently require authentication. Due to this, an attacker within the network could access the datastores with read/write access. IBM X-Force ID: 248737.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Vulnerability Type
关键功能的认证机制缺失
Vulnerability Title
IBM Observability with Instana 访问控制错误漏洞
Vulnerability Description
IBM Observability with Instana是美国国际商业机器(IBM)公司的一个强大的应用程序性能监控解决方案,可以更快地跟踪性能和解决事件。 IBM Observability with Instana存在访问控制错误漏洞,该漏洞源于基于Docker的数据存储不需要认证,攻击者利用该漏洞可以通过读/写权限访问数据存储。
CVSS Information
N/A
Vulnerability Type
N/A