A huge collection of 3400+ free website templates JAR theme com WP themes and more at the biggest community-driven free web design site
Home / security-advisories / Arbitrary code execution vulnerability on IBM Instana Observability (CVE-2023-39410)

Arbitrary code execution vulnerability on IBM Instana Observability (CVE-2023-39410)

Advisory No: TZCERT/SA/2024/07/04-2

Date of First Release: 4th July 2024

Source: IBM

Software Affected: IBM Observability with Instana (OnPrem)


WordPress is vulnerable to four critical vulnerabilities. The attackers can leverage the vulnerability to take control of the affected system.


IBM Observability with Instana (OnPrem) is affected by a vulnerability tracked as CVE-2023-39410 with a CVSS score of 9.8. The flaw results from Apache Avro Java SDK that could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization.


Successful exploitation of this vulnerability may allow an attacker to take control or cause a denial of service condition of the affected system


IBM has released a security patch for this vulnerability. Users and administrators are encouraged to apply necessary updates.


  1. https://www.ibm.com/support/pages/node/7159660

Check Also

Remote Code Execution Vulnerabilities in SolarWinds Access Rights Manager (ARM) (CVE-2024-23469, CVE-2024-23467, CVE-2024-23471)

Advisory No: TZCERT/SA/2024/07/19-3 Date of First Release: 19th July 2024 Source: SolarWinds Software Affected: SolarWinds …