281 matches found
Security Bulletin: IBM Operations Analytics - Log Analysis is affected by denial of service (DoS) due to Apache Commons FileUpload
Summary Apache Commons FileUpload in WebSphere Application Server Liberty is used by IBM Operations Analytics - Log Analysis as part of the parse and process HTTP requests for handling file uploads. CVE-2023-24998. Vulnerability Details CVEID:CVE-2023-24998 DESCRIPTION: Apache Commons FileUpload...
CVE-2026-7365
IBM Operations Analytics - Log Analysis and IBM SmartCloud Analytics - Log Analysis uses default passwords default passwords from the manufacturing process for use during the installation process, which could allow an attacker to bypass authentication...
EUVD-2026-32505
IBM Operations Analytics - Log Analysis and IBM SmartCloud Analytics - Log Analysis uses default passwords default passwords from the manufacturing process for use during the installation process, which could allow an attacker to bypass authentication...
CVE-2026-7365
IBM Operations Analytics - Log Analysis and IBM SmartCloud Analytics - Log Analysis uses default passwords default passwords from the manufacturing process for use during the installation process, which could allow an attacker to bypass authentication...
CVE-2026-7365 IBM Operations Analytics - Log Analysis is affected by Information disclosure due to default passwords not being forced to be changed on post-installation
IBM Operations Analytics - Log Analysis and IBM SmartCloud Analytics - Log Analysis uses default passwords default passwords from the manufacturing process for use during the installation process, which could allow an attacker to bypass authentication...
CVE-2024-40684 IBM Operations Analytics - Log Analysis is affected by Weak Password Policy and Inadequate Account Lockout Mechanism
IBM Operations Analytics - Log Analysis 1.3.5.0, 1.3.5.1, 1.3.5.2, 1.3.5.3, 1.3.6.0, 1.3.6.1, 1.3.7.0, 1.3.7.1, 1.3.7.2, and 1.3.8.0, 1.3.8.1, 1.3.8.2, 1.3.8.3, 1.3.8.4 IBM SmartCloud Analytics - Log Analysis does not require that users should have strong passwords by default, which makes it easi...
Security Bulletin: IBM Operations Analytics - Log Analysis is affected by Information disclosure due to default passwords not being forced to be changed on post-installation
Summary The default password is used by IBM Operations Analytics - Log Analysis as part of the authentication to the Log Analysis User Interface. CVE-2026-7365. Vulnerability Details CVEID:CVE-2026-7365 DESCRIPTION: IBM SmartCloud Analytics - Log Analysis uses default passwords default passwords...
Security Bulletin: IBM Operations Analytics - Log Analysis is affected by Cross-site scripting (XSS) vulnerability due to Apache Solr
Summary Admin UI in Apache Solr is used by IBM Operations Analytics - Log Analysis as part of the Solr administrative web interface. CVE-2015-8797. Vulnerability Details CVEID:CVE-2015-8797 DESCRIPTION: Cross-site scripting XSS vulnerability in webapp/web/js/scripts/plugins.js in the stats page i...
Security Bulletin: Due to use of Google Protocol Buffers, IBM Operations Analytics – Log Analysis is affected by denial of service.
Summary Google Protocol Buffers in Apache Solr is used by IBM Operations Analytics – Log Analysis as part of the data serialization and communication between services. CVE-2021-22570. Vulnerability Details CVEID:CVE-2021-22570 DESCRIPTION: Nullptr dereference when a null char is present in a prot...
Security Bulletin: IBM Operations Analytics – Log Analysis is affected by a security feature bypass due to Azure SDK for Java
Summary Azure SDK for Java is used by IBM Operations Analytics – Log Analysis as part of secure, asynchronous messaging and event streaming over AMQP Advanced Message Queuing Protocol. CVE‑2020‑16971. Vulnerability Details CVEID:CVE-2020-16971 DESCRIPTION: Azure SDK for Java Security Feature Bypa...
Security Bulletin: Due to use of Netty, IBM Operations Analytics - Log Analysis is affected by denial of service, information disclosure, and HTTP request smuggling
Summary Netty in Apache ZooKeeper and Logstash is used by IBM Operations Analytics - Log Analysis as part of the client/server network transport layer, and network-related plugins for protocol and event transport. CVE-2014-0193, CVE-2014-3488, CVE-2015-2156, CVE-2019-20444, CVE-2024-47535,...
Security Bulletin: IBM Operations Analytics - Log Analysis is affected by insufficiently privileged clients to execute snapshot and restore commands due to Apache Zookeeper
Summary Apache Zookeeper in Apache Solr is used by IBM Operations Analytics - Log Analysis as part of the coordination and configuration management backbone for SolrCloud. CVE-2025-58457. Vulnerability Details CVEID:CVE-2025-58457 DESCRIPTION: Improper permission check in ZooKeeper AdminServer le...
Security Bulletin: Due to use of Apache Commons Lang, IBM Operations Analytics - Log Analysis is affected by Uncontrolled Recursion Vulnerability
Summary Apache Commons Lang in Apache Solr is used by IBM Operations Analytics - Log Analysis as part of the core utility such as string manipulation, object utilities, and class utilities. CVE-2025-48924. Vulnerability Details CVEID:CVE-2025-48924 DESCRIPTION: Uncontrolled Recursion vulnerabilit...
Security Bulletin: IBM Operations Analytics - Log Analysis is affected by Weak Password Policy and Inadequate Account Lockout Mechanism
Summary IBM Operations Analytics – Log Analysis is affected by weaknesses in its Backend Authentication and Session Management module—used as part of its login mechanism—which exposes the product to improper authentication risks, including weak password policy enforcement and insufficient account...
Security Bulletin: IBM Operations Analytics - Log Analysis is affected by cross-site scripting due to WebSphere Application Server Liberty
Summary WebSphere Application Server Liberty is used by IBM Operations Analytics - Log Analysis as part of managing the lifecycle of Java servlets and client. CVE-2025-12635. Vulnerability Details CVEID:CVE-2025-12635 DESCRIPTION: IBM WebSphere Application Server 8.5, 9.0 and IBM WebSphere...
CVE-2024-40685
IBM Operations Analytics – Log Analysis versions 1.3.5.0 through 1.3.8.3 and IBM SmartCloud Analytics – Log Analysis are vulnerable to a cross-site request forgery CSRF vulnerability that could allow an attacker to trick a trusted user into performing unauthorized actions...
CVE-2024-40685 IBM Operations Analytics - Log Analysis is affected by CSRF Token Replay Attack
IBM Operations Analytics – Log Analysis versions 1.3.5.0 through 1.3.8.3 and IBM SmartCloud Analytics – Log Analysis are vulnerable to a cross-site request forgery CSRF vulnerability that could allow an attacker to trick a trusted user into performing unauthorized actions...
CVE-2024-40685
CVE-2024-40685 affects IBM Operations Analytics – Log Analysis and IBM SmartCloud Analytics – Log Analysis. Connected sources confirm a CSRF vulnerability that could allow an attacker to trick a trusted user into performing unauthorized actions. Affected versions include IBM Operations Analytics ...
CVE-2024-40685 IBM Operations Analytics - Log Analysis is affected by CSRF Token Replay Attack
IBM Operations Analytics – Log Analysis versions 1.3.5.0 through 1.3.8.3 and IBM SmartCloud Analytics – Log Analysis are vulnerable to a cross-site request forgery CSRF vulnerability that could allow an attacker to trick a trusted user into performing unauthorized actions...
CVE-2024-40685
IBM Operations Analytics – Log Analysis versions 1.3.5.0 through 1.3.8.3 and IBM SmartCloud Analytics – Log Analysis are vulnerable to a cross-site request forgery CSRF vulnerability that could allow an attacker to trick a trusted user into performing unauthorized actions...