Lucene search
K
IbmSmartcloud Analytics Log Analysis

10 matches found

CVE
CVE
added 2019/11/22 3:21 p.m.68 views

CVE-2019-4215

CVE-2019-4215 affects IBM Operations Analytics - Log Analysis versions 1.3.1 through 1.3.5 and is a clickjacking vulnerability. The IBM Security Bulletin details a vulnerability in Log Analysis that could allow a remote attacker to hijack the victim’s click actions by persuading them to visit a m...

6.1CVSS6.3AI score0.00897EPSS
CVE
CVE
added 2019/11/22 3:21 p.m.64 views

CVE-2019-4216

CVE-2019-4216 affects IBM Operations Analytics - Log Analysis (formerly SmartCloud/Log Analysis) versions 1.3.1–1.3.5. The vulnerability is a host header injection in HTTP requests, which could lead to HTTP cache poisoning or firewall bypass. The IBM security bulletin confirms the affected versio...

4.9CVSS5.1AI score0.00611EPSS
CVE
CVE
added 2014/04/24 10:0 a.m.59 views

CVE-2013-6738

CVE-2013-6738 is an XSS vulnerability in IBM SmartCloud Analytics Log Analysis (OAuth endpoint) and in IBM WebSphere Application Server OAuth functionality. The initial entry states that IBM SmartCloud Analytics Log Analysis 1.1 and 1.2 prior to 1.2.0.0-CSI-SCALA-IF0003 can be exploited to inject...

4.3CVSS7.4AI score0.02077EPSS
CVE
CVE
added 2019/11/22 3:21 p.m.57 views

CVE-2019-4243

CVE-2019-4243 affects IBM Operations Analytics - Log Analysis (Solr component) for versions 1.3.1–1.3.5. The vulnerability allows unauthorized disclosure by enabling access to files such as solrconfig.xml and could enable disruptive administrator actions due to unrestricted access. IBM's remediat...

5.1CVSS4.6AI score0.00314EPSS
CVE
CVE
added 2019/11/22 3:21 p.m.50 views

CVE-2019-4214

CVE-2019-4214 affects IBM SmartCloud Analytics / IBM Operations Analytics - Log Analysis versions 1.3.1–1.3.5. The issue is that authorization tokens and session cookies lack the Secure attribute, potentially allowing sensitive information to be exposed via MITM attacks. The NVD/NVD-derived data ...

4.3CVSS4AI score0.00477EPSS
CVE
CVE
added 2019/12/10 4:10 p.m.41 views

CVE-2019-4244

CVE-2019-4244 affects IBM Operations Analytics - Log Analysis (Log Analysis) components running on IBM SmartCloud Analytics. The vulnerability stems from missing authentication in the Apache Zookeeper integration, allowing a remote attacker to gain unauthorized information and unrestricted contro...

9.1CVSS8.8AI score0.02134EPSS
CVE
CVE
added 2025/07/23 11:9 a.m.27 views

CVE-2024-41751

IBM SmartCloud Analytics - Log Analysis (versions 1.3.7.0, 1.3.7.1, 1.3.7.2, 1.3.8.0, 1.3.8.1, 1.3.8.2) is affected by CVE-2024-41751, a CWE-602 client-side enforcement bypass that enables a local, authenticated attacker to manipulate data by bypassing security controls on the client. The Red Hat...

5.5CVSS6.2AI score0.00116EPSS
CVE
CVE
added 2025/07/23 11:12 a.m.23 views

CVE-2024-40686

The CVE-2024-40686 issue affects IBM SmartCloud Analytics - Log Analysis versions 1.3.7.0 through 1.3.8.2. Root cause: improper validation of input in the HOST header, enabling HTTP header injection. Consequences stated in the sources include potential cross-site scripting, cache poisoning, or se...

6.1CVSS6.2AI score0.00179EPSS
CVE
CVE
added 2025/07/23 11:14 a.m.21 views

CVE-2024-40682

CVE-2024-40682 affects IBM Operations Analytics - Log Analysis. Affected versions are 1.3.7.0, 1.3.7.1, 1.3.7.2, 1.3.8.0, 1.3.8.1, and 1.3.8.2. The vulnerability arises from improper validation of a specified input type, allowing a local user to cause a denial of service. IBM’s remediation advise...

6.2CVSS6.1AI score0.00113EPSS
CVE
CVE
added 2025/07/23 11:15 a.m.21 views

CVE-2024-41750

CVE-2024-41750 affects IBM Operations Analytics - Log Analysis (versions 1.3.7.0 to 1.3.8.2). Root cause: client-side security enforcement can be bypassed, enabling a local, authenticated attacker to manipulate data by bypassing input/validation checks. The IBM Security Bulletin confirms a relate...

5.5CVSS6.1AI score0.00116EPSS