CVE-2026-7365 (GCVE-0-2026-7365)
Vulnerability from cvelistv5 – Published: 2026-05-27 13:55 – Updated: 2026-05-27 14:52
VLAI
Title
IBM Operations Analytics - Log Analysis is affected by Information disclosure due to default passwords not being forced to be changed on post-installation
Summary
IBM Operations Analytics - Log Analysis and IBM SmartCloud Analytics - Log Analysis uses default passwords default passwords from the manufacturing process for use during the installation process, which could allow an attacker to bypass authentication.
Severity
8.4 (High)
CWE
- CWE-1392 - Use of Default Credentials
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.ibm.com/support/pages/node/7272268 | vendor-advisorypatch |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| IBM | Operations Analytics - Log Analysis |
Affected:
1.3.2.0
Affected: 1.3.3.0 Affected: 1.3.5.0, 1.3.5.1, 1.3.5.2, 1.3.5.3 Affected: 1.3.6.0, 1.3.6.1 Affected: 1.3.7.0, 1.3.7.1, 1.3.7.2 Affected: 1.3.8.0, 1.3.8.1, 1.3.8.2, 1.3.8.3, 1.3.8.4 cpe:2.3:a:ibm:operations_analytics___log_analysis:1.3.2.0:*:*:*:*:*:*:* cpe:2.3:a:ibm:operations_analytics___log_analysis:1.3.3.0:*:*:*:*:*:*:* cpe:2.3:a:ibm:operations_analytics___log_analysis:1.3.5.0:*:*:*:*:*:*:* cpe:2.3:a:ibm:operations_analytics___log_analysis:1.3.6.0:*:*:*:*:*:*:* cpe:2.3:a:ibm:operations_analytics___log_analysis:1.3.7.0:*:*:*:*:*:*:* cpe:2.3:a:ibm:operations_analytics___log_analysis:1.3.8.0:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-7365",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-27T14:51:48.386177Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T14:52:38.627Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:ibm:operations_analytics___log_analysis:1.3.2.0:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:operations_analytics___log_analysis:1.3.3.0:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:operations_analytics___log_analysis:1.3.5.0:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:operations_analytics___log_analysis:1.3.6.0:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:operations_analytics___log_analysis:1.3.7.0:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:operations_analytics___log_analysis:1.3.8.0:*:*:*:*:*:*:*"
],
"product": "Operations Analytics - Log Analysis",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "1.3.2.0"
},
{
"status": "affected",
"version": "1.3.3.0"
},
{
"status": "affected",
"version": "1.3.5.0, 1.3.5.1, 1.3.5.2, 1.3.5.3"
},
{
"status": "affected",
"version": "1.3.6.0, 1.3.6.1"
},
{
"status": "affected",
"version": "1.3.7.0, 1.3.7.1, 1.3.7.2"
},
{
"status": "affected",
"version": "1.3.8.0, 1.3.8.1, 1.3.8.2, 1.3.8.3, 1.3.8.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIBM Operations Analytics - Log Analysis\u0026nbsp; and IBM SmartCloud Analytics - Log Analysis uses default passwords default passwords from the manufacturing process for use during the installation process, which could allow an attacker to bypass authentication.\u003c/p\u003e"
}
],
"value": "IBM Operations Analytics - Log Analysis\u00a0 and IBM SmartCloud Analytics - Log Analysis uses default passwords default passwords from the manufacturing process for use during the installation process, which could allow an attacker to bypass authentication."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1392",
"description": "CWE-1392 Use of Default Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-27T13:55:22.608Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"vendor-advisory",
"patch"
],
"url": "https://www.ibm.com/support/pages/node/7272268"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003ctable\u003e\u003ccolgroup\u003e\u003ccol/\u003e\u003ccol/\u003e\u003c/colgroup\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003ePrincipal Product and Version(s)\u003c/td\u003e\u003ctd\u003eFix details\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eIBM Operations Analytics - Log Analysis version 1.3.2.0, 1.3.3.0, 1.3.5.0, 1.3.5.1, 1.3.5.2, 1.3.5.3, 1.3.6.0, 1.3.6.1, 1.3.6.2, 1.3.7.0, 1.3.7.1, 1.3.7.2, 1.3.8.0, 1.3.8.1, 1.3.8.2, 1.3.8.3, 1.3.8.4\u003c/td\u003e\u003ctd\u003eIBM strongly recommends addressing the vulnerability now by resetting the password through the GUI or integrating IBM Operations Analytics - Log Analysis with LDAP. Refer to \u003ca href=\"https://www.ibm.com/support/pages/node/7182994\" rel=\"noopener noreferrer nofollow\"\u003eProvision for Updating Default Password During Installation - IBM Operations Analytics Log Analysis\u003c/a\u003e for the instructions.\u003cbr/\u003e\u003cbr/\u003eFor Log Analysis before 1.3.7.0, \u003ca href=\"https://www.ibm.com/support/pages/node/1135125\" rel=\"noopener noreferrer nofollow\"\u003eupgrade\u003c/a\u003e to \u003ca href=\"https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%20Operations%20Analytics\u0026amp;product=ibm/Tivoli/IBM+SmartCloud+Analytics+-+Log+Analysis\u0026amp;release=1.3.6\u0026amp;platform=All\u0026amp;function=all\" rel=\"noopener noreferrer nofollow\"\u003e1.3.7-TIV-IOALA-FP_signed\u003c/a\u003e or later before applying this.\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003c/div\u003e"
}
],
"value": "Principal Product and Version(s)Fix detailsIBM Operations Analytics - Log Analysis version 1.3.2.0, 1.3.3.0, 1.3.5.0, 1.3.5.1, 1.3.5.2, 1.3.5.3, 1.3.6.0, 1.3.6.1, 1.3.6.2, 1.3.7.0, 1.3.7.1, 1.3.7.2, 1.3.8.0, 1.3.8.1, 1.3.8.2, 1.3.8.3, 1.3.8.4IBM strongly recommends addressing the vulnerability now by resetting the password through the GUI or integrating IBM Operations Analytics - Log Analysis with LDAP. Refer to Provision for Updating Default Password During Installation - IBM Operations Analytics Log Analysis for the instructions.For Log Analysis before 1.3.7.0, upgrade to 1.3.7-TIV-IOALA-FP_signed or later before applying this."
}
],
"title": "IBM Operations Analytics - Log Analysis is affected by Information disclosure due to default passwords not being forced to be changed on post-installation",
"x_generator": {
"engine": "ibm-cvegen"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2026-7365",
"datePublished": "2026-05-27T13:55:22.608Z",
"dateReserved": "2026-04-28T20:46:39.086Z",
"dateUpdated": "2026-05-27T14:52:38.627Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-7365",
"date": "2026-05-28",
"epss": "0.00017",
"percentile": "0.04686"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-7365\",\"sourceIdentifier\":\"psirt@us.ibm.com\",\"published\":\"2026-05-27T14:17:35.280\",\"lastModified\":\"2026-05-27T14:53:51.833\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"IBM Operations Analytics - Log Analysis\u00a0 and IBM SmartCloud Analytics - Log Analysis uses default passwords default passwords from the manufacturing process for use during the installation process, which could allow an attacker to bypass authentication.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@us.ibm.com\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.4,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.5,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"psirt@us.ibm.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-1392\"}]}],\"references\":[{\"url\":\"https://www.ibm.com/support/pages/node/7272268\",\"source\":\"psirt@us.ibm.com\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-7365\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-05-27T14:51:48.386177Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-05-27T14:52:26.466Z\"}}], \"cna\": {\"title\": \"IBM Operations Analytics - Log Analysis is affected by Information disclosure due to default passwords not being forced to be changed on post-installation\", \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.4, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:ibm:operations_analytics___log_analysis:1.3.2.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:ibm:operations_analytics___log_analysis:1.3.3.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:ibm:operations_analytics___log_analysis:1.3.5.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:ibm:operations_analytics___log_analysis:1.3.6.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:ibm:operations_analytics___log_analysis:1.3.7.0:*:*:*:*:*:*:*\", \"cpe:2.3:a:ibm:operations_analytics___log_analysis:1.3.8.0:*:*:*:*:*:*:*\"], \"vendor\": \"IBM\", \"product\": \"Operations Analytics - Log Analysis\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.3.2.0\"}, {\"status\": \"affected\", \"version\": \"1.3.3.0\"}, {\"status\": \"affected\", \"version\": \"1.3.5.0, 1.3.5.1, 1.3.5.2, 1.3.5.3\"}, {\"status\": \"affected\", \"version\": \"1.3.6.0, 1.3.6.1\"}, {\"status\": \"affected\", \"version\": \"1.3.7.0, 1.3.7.1, 1.3.7.2\"}, {\"status\": \"affected\", \"version\": \"1.3.8.0, 1.3.8.1, 1.3.8.2, 1.3.8.3, 1.3.8.4\"}]}], \"solutions\": [{\"lang\": \"en\", \"value\": \"Principal Product and Version(s)Fix detailsIBM Operations Analytics - Log Analysis version 1.3.2.0, 1.3.3.0, 1.3.5.0, 1.3.5.1, 1.3.5.2, 1.3.5.3, 1.3.6.0, 1.3.6.1, 1.3.6.2, 1.3.7.0, 1.3.7.1, 1.3.7.2, 1.3.8.0, 1.3.8.1, 1.3.8.2, 1.3.8.3, 1.3.8.4IBM strongly recommends addressing the vulnerability now by resetting the password through the GUI or integrating IBM Operations Analytics - Log Analysis with LDAP. Refer to Provision for Updating Default Password During Installation - IBM Operations Analytics Log Analysis for the instructions.For Log Analysis before 1.3.7.0, upgrade to 1.3.7-TIV-IOALA-FP_signed or later before applying this.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cdiv\u003e\u003ctable\u003e\u003ccolgroup\u003e\u003ccol/\u003e\u003ccol/\u003e\u003c/colgroup\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003ePrincipal Product and Version(s)\u003c/td\u003e\u003ctd\u003eFix details\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eIBM Operations Analytics - Log Analysis version 1.3.2.0, 1.3.3.0, 1.3.5.0, 1.3.5.1, 1.3.5.2, 1.3.5.3, 1.3.6.0, 1.3.6.1, 1.3.6.2, 1.3.7.0, 1.3.7.1, 1.3.7.2, 1.3.8.0, 1.3.8.1, 1.3.8.2, 1.3.8.3, 1.3.8.4\u003c/td\u003e\u003ctd\u003eIBM strongly recommends addressing the vulnerability now by resetting the password through the GUI or integrating IBM Operations Analytics - Log Analysis with LDAP. Refer to \u003ca href=\\\"https://www.ibm.com/support/pages/node/7182994\\\" rel=\\\"noopener noreferrer nofollow\\\"\u003eProvision for Updating Default Password During Installation - IBM Operations Analytics Log Analysis\u003c/a\u003e for the instructions.\u003cbr/\u003e\u003cbr/\u003eFor Log Analysis before 1.3.7.0, \u003ca href=\\\"https://www.ibm.com/support/pages/node/1135125\\\" rel=\\\"noopener noreferrer nofollow\\\"\u003eupgrade\u003c/a\u003e to \u003ca href=\\\"https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%20Operations%20Analytics\u0026amp;product=ibm/Tivoli/IBM+SmartCloud+Analytics+-+Log+Analysis\u0026amp;release=1.3.6\u0026amp;platform=All\u0026amp;function=all\\\" rel=\\\"noopener noreferrer nofollow\\\"\u003e1.3.7-TIV-IOALA-FP_signed\u003c/a\u003e or later before applying this.\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003c/div\u003e\", \"base64\": false}]}], \"references\": [{\"url\": \"https://www.ibm.com/support/pages/node/7272268\", \"tags\": [\"vendor-advisory\", \"patch\"]}], \"x_generator\": {\"engine\": \"ibm-cvegen\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"IBM Operations Analytics - Log Analysis\\u00a0 and IBM SmartCloud Analytics - Log Analysis uses default passwords default passwords from the manufacturing process for use during the installation process, which could allow an attacker to bypass authentication.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eIBM Operations Analytics - Log Analysis\u0026nbsp; and IBM SmartCloud Analytics - Log Analysis uses default passwords default passwords from the manufacturing process for use during the installation process, which could allow an attacker to bypass authentication.\u003c/p\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-1392\", \"description\": \"CWE-1392 Use of Default Credentials\"}]}], \"providerMetadata\": {\"orgId\": \"9a959283-ebb5-44b6-b705-dcc2bbced522\", \"shortName\": \"ibm\", \"dateUpdated\": \"2026-05-27T13:55:22.608Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-7365\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-05-27T14:52:38.627Z\", \"dateReserved\": \"2026-04-28T20:46:39.086Z\", \"assignerOrgId\": \"9a959283-ebb5-44b6-b705-dcc2bbced522\", \"datePublished\": \"2026-05-27T13:55:22.608Z\", \"assignerShortName\": \"ibm\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…