CVE-2023-27290

Published: 03/03/2023 | Updated: 10/04/2023
CVSS v3 Base Score: 9.1 | Impact Score: 5.2 | Exploitability Score: 3.9
VMScore: 0

Vulnerability Summary

Docker-based datastores for IBM Instana (IBM Observability with Instana 239-0 through 239-2, 241-0 through 241-2, and 243-0) do not currently require authentication. As a result, an attacker within the network could access the datastores with read/write access. IBM X-Force ID: 248737.

Vulnerable Product

ibm observability with instana 243-0

ibm observability with instana

Github Repositories

This is a command and control exploitation toolkit to exploit IBM Instana cloud microservices. Accepts host IP as an input.

Exploiting IBM Instana Observability (CVE-2023-27290). This is a toolkit to exploit IBM Instana cloud microservices running on authenticated open ports. Accepts host IP as an input. Using the tool, an attacker can execute commands such as kafka-topics, cqlsh, curl, etc., on the target host. The script takes input from the command line, including the host IP address, the command

Reconnaissance and exploitation of some of the most popular microservices.

Microservices Exploitation. This repository contains a collection of tools for identifying vulnerabilities in microservices and gaining access to internal networks. These tools include injection techniques, remote code execution, and more to exploit CVEs like CVE-2023-27290. Usage example: python3 clickhouse_exploitpy --host 19216811 --command "SELECT%20count(*)