{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-7365", "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "state": "PUBLISHED", "assignerShortName": "ibm", "dateReserved": "2026-04-28T20:46:39.086Z", "datePublished": "2026-05-27T13:55:22.608Z", "dateUpdated": "2026-05-27T14:52:38.627Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm", "dateUpdated": "2026-05-27T13:55:22.608Z"}, "title": "IBM Operations Analytics - Log Analysis is affected by Information disclosure due to default passwords not being forced to be changed on post-installation", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-1392", "description": "CWE-1392 Use of Default Credentials", "type": "CWE"}]}], "affected": [{"vendor": "IBM", "product": "Operations Analytics - Log Analysis", "versions": [{"status": "affected", "version": "1.3.2.0"}, {"status": "affected", "version": "1.3.3.0"}, {"status": "affected", "version": "1.3.5.0, 1.3.5.1, 1.3.5.2, 1.3.5.3"}, {"status": "affected", "version": "1.3.6.0, 1.3.6.1"}, {"status": "affected", "version": "1.3.7.0, 1.3.7.1, 1.3.7.2"}, {"status": "affected", "version": "1.3.8.0, 1.3.8.1, 1.3.8.2, 1.3.8.3, 1.3.8.4"}], "cpes": ["cpe:2.3:a:ibm:operations_analytics___log_analysis:1.3.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:operations_analytics___log_analysis:1.3.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:operations_analytics___log_analysis:1.3.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:operations_analytics___log_analysis:1.3.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:operations_analytics___log_analysis:1.3.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:operations_analytics___log_analysis:1.3.8.0:*:*:*:*:*:*:*"]}], "descriptions": [{"lang": "en", "value": "IBM Operations Analytics - Log Analysis\u00a0 and IBM SmartCloud Analytics - Log Analysis uses default passwords default passwords from the manufacturing process for use during the installation process, which could allow an attacker to bypass authentication.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<p>IBM Operations Analytics - Log Analysis&nbsp; and IBM SmartCloud Analytics - Log Analysis uses default passwords default passwords from the manufacturing process for use during the installation process, which could allow an attacker to bypass authentication.</p>"}]}], "references": [{"url": "https://www.ibm.com/support/pages/node/7272268", "tags": ["vendor-advisory", "patch"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseSeverity": "HIGH", "baseScore": 8.4, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}}], "solutions": [{"lang": "en", "value": "Principal Product and Version(s)Fix detailsIBM Operations Analytics - Log Analysis version 1.3.2.0, 1.3.3.0, 1.3.5.0, 1.3.5.1, 1.3.5.2, 1.3.5.3, 1.3.6.0, 1.3.6.1, 1.3.6.2, 1.3.7.0, 1.3.7.1, 1.3.7.2, 1.3.8.0, 1.3.8.1, 1.3.8.2, 1.3.8.3, 1.3.8.4IBM strongly recommends addressing the vulnerability now by resetting the password through the GUI or integrating IBM Operations Analytics - Log Analysis with LDAP. Refer to Provision for Updating Default Password During Installation - IBM Operations Analytics Log Analysis for the instructions.For Log Analysis before 1.3.7.0, upgrade to 1.3.7-TIV-IOALA-FP_signed or later before applying this.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<div><table><colgroup><col/><col/></colgroup><tbody><tr><td>Principal Product and Version(s)</td><td>Fix details</td></tr><tr><td>IBM Operations Analytics - Log Analysis version 1.3.2.0, 1.3.3.0, 1.3.5.0, 1.3.5.1, 1.3.5.2, 1.3.5.3, 1.3.6.0, 1.3.6.1, 1.3.6.2, 1.3.7.0, 1.3.7.1, 1.3.7.2, 1.3.8.0, 1.3.8.1, 1.3.8.2, 1.3.8.3, 1.3.8.4</td><td>IBM strongly recommends addressing the vulnerability now by resetting the password through the GUI or integrating IBM Operations Analytics - Log Analysis with LDAP. Refer to <a href=\"https://www.ibm.com/support/pages/node/7182994\" rel=\"noopener noreferrer nofollow\">Provision for Updating Default Password During Installation - IBM Operations Analytics Log Analysis</a> for the instructions.<br/><br/>For Log Analysis before 1.3.7.0, <a href=\"https://www.ibm.com/support/pages/node/1135125\" rel=\"noopener noreferrer nofollow\">upgrade</a> to <a href=\"https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%20Operations%20Analytics&amp;product=ibm/Tivoli/IBM+SmartCloud+Analytics+-+Log+Analysis&amp;release=1.3.6&amp;platform=All&amp;function=all\" rel=\"noopener noreferrer nofollow\">1.3.7-TIV-IOALA-FP_signed</a> or later before applying this.</td></tr></tbody></table></div>"}]}], "x_generator": {"engine": "ibm-cvegen"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-05-27T14:51:48.386177Z", "id": "CVE-2026-7365", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-05-27T14:52:38.627Z"}}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-7365", "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "state": "PUBLISHED", "assignerShortName": "ibm", "dateReserved": "2026-04-28T20:46:39.086Z", "datePublished": "2026-05-27T13:55:22.608Z", "dateUpdated": "2026-05-27T14:52:38.627Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm", "dateUpdated": "2026-05-27T13:55:22.608Z"}, "title": "IBM Operations Analytics - Log Analysis is affected by Information disclosure due to default passwords not being forced to be changed on post-installation", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-1392", "description": "CWE-1392 Use of Default Credentials", "type": "CWE"}]}], "affected": [{"vendor": "IBM", "product": "Operations Analytics - Log Analysis", "versions": [{"status": "affected", "version": "1.3.2.0"}, {"status": "affected", "version": "1.3.3.0"}, {"status": "affected", "version": "1.3.5.0, 1.3.5.1, 1.3.5.2, 1.3.5.3"}, {"status": "affected", "version": "1.3.6.0, 1.3.6.1"}, {"status": "affected", "version": "1.3.7.0, 1.3.7.1, 1.3.7.2"}, {"status": "affected", "version": "1.3.8.0, 1.3.8.1, 1.3.8.2, 1.3.8.3, 1.3.8.4"}], "cpes": ["cpe:2.3:a:ibm:operations_analytics___log_analysis:1.3.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:operations_analytics___log_analysis:1.3.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:operations_analytics___log_analysis:1.3.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:operations_analytics___log_analysis:1.3.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:operations_analytics___log_analysis:1.3.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:ibm:operations_analytics___log_analysis:1.3.8.0:*:*:*:*:*:*:*"]}], "descriptions": [{"lang": "en", "value": "IBM Operations Analytics - Log Analysis\u00a0 and IBM SmartCloud Analytics - Log Analysis uses default passwords default passwords from the manufacturing process for use during the installation process, which could allow an attacker to bypass authentication.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<p>IBM Operations Analytics - Log Analysis&nbsp; and IBM SmartCloud Analytics - Log Analysis uses default passwords default passwords from the manufacturing process for use during the installation process, which could allow an attacker to bypass authentication.</p>"}]}], "references": [{"url": "https://www.ibm.com/support/pages/node/7272268", "tags": ["vendor-advisory", "patch"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseSeverity": "HIGH", "baseScore": 8.4, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}}], "solutions": [{"lang": "en", "value": "Principal Product and Version(s)Fix detailsIBM Operations Analytics - Log Analysis version 1.3.2.0, 1.3.3.0, 1.3.5.0, 1.3.5.1, 1.3.5.2, 1.3.5.3, 1.3.6.0, 1.3.6.1, 1.3.6.2, 1.3.7.0, 1.3.7.1, 1.3.7.2, 1.3.8.0, 1.3.8.1, 1.3.8.2, 1.3.8.3, 1.3.8.4IBM strongly recommends addressing the vulnerability now by resetting the password through the GUI or integrating IBM Operations Analytics - Log Analysis with LDAP. Refer to Provision for Updating Default Password During Installation - IBM Operations Analytics Log Analysis for the instructions.For Log Analysis before 1.3.7.0, upgrade to 1.3.7-TIV-IOALA-FP_signed or later before applying this.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "<div><table><colgroup><col/><col/></colgroup><tbody><tr><td>Principal Product and Version(s)</td><td>Fix details</td></tr><tr><td>IBM Operations Analytics - Log Analysis version 1.3.2.0, 1.3.3.0, 1.3.5.0, 1.3.5.1, 1.3.5.2, 1.3.5.3, 1.3.6.0, 1.3.6.1, 1.3.6.2, 1.3.7.0, 1.3.7.1, 1.3.7.2, 1.3.8.0, 1.3.8.1, 1.3.8.2, 1.3.8.3, 1.3.8.4</td><td>IBM strongly recommends addressing the vulnerability now by resetting the password through the GUI or integrating IBM Operations Analytics - Log Analysis with LDAP. Refer to <a href=\"https://www.ibm.com/support/pages/node/7182994\" rel=\"noopener noreferrer nofollow\">Provision for Updating Default Password During Installation - IBM Operations Analytics Log Analysis</a> for the instructions.<br/><br/>For Log Analysis before 1.3.7.0, <a href=\"https://www.ibm.com/support/pages/node/1135125\" rel=\"noopener noreferrer nofollow\">upgrade</a> to <a href=\"https://www.ibm.com/support/fixcentral/swg/selectFixes?parent=IBM%20Operations%20Analytics&amp;product=ibm/Tivoli/IBM+SmartCloud+Analytics+-+Log+Analysis&amp;release=1.3.6&amp;platform=All&amp;function=all\" rel=\"noopener noreferrer nofollow\">1.3.7-TIV-IOALA-FP_signed</a> or later before applying this.</td></tr></tbody></table></div>"}]}], "x_generator": {"engine": "ibm-cvegen"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-7365", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-05-27T14:51:48.386177Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-05-27T14:52:26.466Z"}}]}}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "IBM Operations Analytics - Log Analysis\u00a0 and IBM SmartCloud Analytics - Log Analysis uses default passwords default passwords from the manufacturing process for use during the installation process, which could allow an attacker to bypass authentication."}], "id": "CVE-2026-7365", "lastModified": "2026-05-27T14:53:51.833", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.4, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 5.9, "source": "psirt@us.ibm.com", "type": "Primary"}]}, "published": "2026-05-27T14:17:35.280", "references": [{"source": "psirt@us.ibm.com", "url": "https://www.ibm.com/support/pages/node/7272268"}], "sourceIdentifier": "psirt@us.ibm.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-1392"}], "source": "psirt@us.ibm.com", "type": "Primary"}]}

{}

{}