Skip to main content

Government officials will never ask you to transfer money or disclose bank log-in details over a phone call.

Call the 24/7 ScamShield Helpline at 1799 if you are unsure if something is a scam.

Cyber Security Agency of Singapore
  1. Home
  2. Alerts & Advisories
  3. Alerts
  4. Critical Vulnerability in IBM Instana's Products
Alerts

Critical Vulnerability in IBM Instana's Products

9 March 2023

IBM has released security updates addressing a critical vulnerability (CVE-2023-27290) in their Instana's products.

Successful exploitation of the vulnerability could allow an attacker with network access to the datastores to gain read or write privileges.

The following versions of Instana are affected:

  • IBM Observability with Instana version 239-0 to 239-2

  • IBM Observability with Instana version 241-0 to 241-2

  • IBM Observability with Instana version 243-0

Users and administrators of the affected product versions are advised to upgrade to the latest versions immediately.

More information is available here:

https://www.ibm.com/support/pages/node/6959969

https://www.ibm.com/docs/en/instana-observability/current?topic=premises-operations-docker-based-instana

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27290

Back to top