API Security Blog

Security Bulletin: IBM Instana Observability is vulnerable to AuthZ Plugin Bypass and Privilege Escalation

Summary

Vulnerability in Docker Engine that could allow attackers to bypass authorization plugins (AuthZ) was remediated in IBM Observability with Instana Build 279. (CVE-2024-41110)

Vulnerability Details

**CVEID:** CVE-2024-41110
**DESCRIPTION:** Moby could allow a remote authenticated attacker to bypass security restrictions, caused by improper authorization validation. By sending a specially crafted API request, an attacker could exploit this vulnerability to bypass authorization plugins (AuthZ).
CVSS Base score: 9.9
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/350495 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)

Affected Products and Versions

Affected Product(s) | Version(s)
---|---
IBM Observability with Instana (OnPrem) | Build 278

Remediation/Fixes

IBM strongly recommends addressing these vulnerabilities now by updating IBM Observability with Instana to the latest release as described here: https://www.ibm.com/docs/en/instana-observability/current

Affected Product(s) | Version(s) | Remediation/Fixes/Instructions
---|---|---
IBM Observability with Instana (OnPrem) | Build 278 | Build 279

Workarounds and Mitigations…
