CVE-2026-7365 HIGH

CVE-2026-7365: IBM Operations Analytics - Log Analysis is affected by Information disclosure due to default passwords not being forced to be changed on post-installation

Vendor Ibm
Product Operations Analytics - Log Analysis
Weakness CWE-1392
Published May 27, 2026
Last update May 27, 2026

CVSS base score

8.4/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

IBM Operations Analytics - Log Analysis  and IBM SmartCloud Analytics - Log Analysis uses default passwords default passwords from the manufacturing process for use during the installation process, which could allow an attacker to bypass authentication.

Key dates

02Disclosure timeline

May 27, 2026 CVE published
May 27, 2026 Record updated