Security Bulletin: IBM Instana Observability is affected by multiple vulnerabilities within Instana Agent container image
Summary Multiple vulnerabilities were remediated in IBM Observability with Instana within Instana Agent container image build 270. Vulnerability Details CVEID:CVE-2024-29133 DESCRIPTION: Apache Commons Configuration could allow a remote attacker to execute arbitrary code on the system, caused by ...
CVE-2024-32019
Netdata is an open source observability tool. In affected versions the ndsudo tool shipped with affected versions of the Netdata Agent allows an attacker to run arbitrary programs with root permissions. The ndsudo tool is packaged as a root-owned executable with the SUID bit set. It only runs a...
CVE-2024-32019
Netdata CVE-2024-32019 is a local privilege escalation in the ndsudo binary (setuid root) due to an untrusted PATH resolution. Vulnerable in Netdata Agent versions prior to 1.45.3 (e.g., 1.45.0 and earlier); patched in 1.45.3 and 1.45.0-169. Exploitation relies on hijacking allowed commands via P...
Security Bulletin: IBM Observability with Instana is affected by Multiple Security Vulnerabilities
Summary Multiple vulnerabilities were remediated in IBM Observability with Instana build 269 Vulnerability Details CVEID:CVE-2020-15522 DESCRIPTION: Bouncy Castle BC Java, BC C .NET, BC-FJA, BC-FNA could allow a remote attacker to obtain sensitive information, caused by a timing issue within the ...
CVE-2024-28250
CVE-2024-28250 affects Cilium’s eBPF dataplane in versions prior to 1.14.8 and 1.15.2 when WireGuard is enabled. In these releases, wireguard-eligible traffic between a node’s Envoy proxy and pods on other nodes, and between a DNS proxy and pods on other nodes, could be sent unencrypted in cluste...
CVE-2024-28249
Cilium CVE-2024-28249 : In clusters with IPsec enabled and Layer 7 policies, IPsec-eligible traffic between a node’s Envoy proxy and pods on other nodes, and between a node’s DNS proxy and pods on other nodes, is sent unencrypted. This affects versions prior to 1.13.13, 1.14.8, and 1.15.2. The is...
CVE-2024-28848
OpenMetadata is a unified platform for discovery, observability, and governance powered by a central metadata repository, in-depth lineage, and seamless team collaboration. The CompiledRule::validateExpression method evaluates an SpEL expression using an StandardEvaluationContext, allowing the...
CVE-2024-28847
OpenMetadata contains a SpEL (Spring Expression Language) injection in PUT /api/v1/events/subscriptions. The vulnerability stems from AlertUtil.validateExpression invoked by EventSubscriptionRepository.prepare(), called during EntityRepository.prepareInternal() as part of createOrUpdate flow, all...
CVE-2024-28253
OpenMetadata (policy handling) is affected by a SpEL injection in PUT /api/v1/policies. The vulnerability arises because SpEL expressions are evaluated in PolicyRepository.prepare() before authorization checks, allowing an attacker to craft a policy payload that executes arbitrary code via a runt...
Security Bulletin: IBM Instana Observability for Synthetic PoP is affected by vulnerabilities in vm2
Summary Vulnerabilities in vm2 were addressed in IBM Observability with Instana for Synthetic PoP build 256 CVE-2023-37903, CVE-2023-37466 Vulnerability Details CVEID:CVE-2023-37903 DESCRIPTION: Node.js vm2 module could allow a remote attacker to execute arbitrary code on the system, caused by a...
Security Bulletin: IBM Observability with Instana using third-party Kubernetes Operators is affected by Multiple Security Vulnerabilities
Summary Multiple vulnerabilities were remediated in IBM Observability with Instana using third-party Kubernetes Operators build 267 Vulnerability Details CVEID:CVE-2024-20919 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow a remote attacker to cause hi...
Security Bulletin: IBM Instana Observability is affected by Vulnerabilities in Puma and Amazon Ion
Summary Vulnerabilities in Puma and Amazon Ion were remediated in IBM Observability with Instana build 266. Vulnerability Details CVEID:CVE-2024-21647 DESCRIPTION: Puma is vulnerable to a denial of service, caused by incorrect behavior when parsing chunked transfer encoding bodies. By sending a...
Security Bulletin: IBM Instana Observability is affected by Vulnerabilities in Go-git with Instana Agent container image
Summary Vulnerabilities in Go-git were remediated in IBM Observability with Instana with Instana Agent container image build 265. CVE-2023-49569 & CVE-2023-49568 Vulnerability Details CVEID:CVE-2023-49569 DESCRIPTION: go-git could allow a remote attacker to traverse directories on the system. By...
Security Bulletin: IBM Observability with Instana is affected by Multiple Security Vulnerabilities
Summary Multiple vulnerabilities were remediated in IBM Observability with Instana build 262 Vulnerability Details CVEID:CVE-2022-41854 DESCRIPTION: snakeYAML is vulnerable to a denial of service, caused by improper input validation. By persuading a victim to open a specially-crafted YAML content...
Security Bulletin: IBM Observability with Instana for Synthetic PoP is affected by Multiple Security Vulnerabilities
Summary Multiple vulnerabilities were addressed in IBM Observability with Instana for Synthetic PoP build 268 Vulnerability Details CVEID:CVE-2023-22041 DESCRIPTION: An unspecified vulnerability in Java SE related to the VM component could allow a local attacker to cause high confidentiality...
Security Bulletin: IBM Instana Observability is affected by Vulnerabilities in Postgresql JDBC
Summary Vulnerabilities in Postgresql JDBC were remediated in IBM Observability with Instana build 267. Vulnerability Details CVEID:CVE-2022-41946 DESCRIPTION: Postgresql JDBC could allow a local authenticated attacker to obtain sensitive information, caused by not limiting access to created readabl...
BIT-GRAFANA-2021-41244 Cross organization admin control in Grafana
Grafana is an open-source platform for monitoring and observability. In affected versions, when the fine-grained access control beta feature is enabled and there is more than one organization in the Grafana instance, admins are able to access users from other organizations. Grafana 8.0 introduced a...
BIT-GRAFANA-2022-21702 Cross site scripting in Grafana proxy
Grafana is an open-source platform for monitoring and observability. In affected versions an attacker could serve HTML content through the Grafana datasource or plugin proxy and trick a user into visiting this HTML page using a specially crafted link, executing a Cross-site Scripting (XSS) attack. The...
BIT-GRAFANA-2022-21713 Exposure of Sensitive Information in Grafana
Grafana is an open-source platform for monitoring and observability. Affected versions of Grafana expose multiple API endpoints which do not properly handle user authorization. /teams/:teamId will allow an authenticated attacker to view unintended data by querying for the specific team ID,...