CVE-2026-7365

Vulnerability

IBM Operations Analytics – Log Analysis and IBM SmartCloud Analytics – Log Analysis ship with default credentials from the manufacturing process that are used for installation and authentication to the Log Analysis User Interface. This affects versions 1.3.2.0, 1.3.3.0, 1.3.5.0 through 1.3.5.3, 1.3.6.0 through 1.3.6.1, 1.3.7.0 through 1.3.7.2, and 1.3.8.0 through 1.3.8.4 [1]. The vulnerability is classified as CWE-1392 (Use of Default Credentials) [1].

Exploitation

An attacker with local access to the system can leverage the unchanged default password to authenticate to the Log Analysis UI without requiring any prior authentication, user interaction, or elevated privileges. The attack complexity is low, and no special network position beyond local access is needed. The attacker simply uses the known default credentials presented during the installation process to gain entry [1].

Impact

Successful exploitation results in full compromise of confidentiality, integrity, and availability, as the attacker obtains High-level access to all three CIA pillars within the scope of the affected Log Analysis environment. The CVSS vector (AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) indicates a base score of 8.4 (High) [1].

Mitigation

IBM strongly recommends resetting the default password through the GUI or integrating the product with LDAP. For versions prior to 1.3.7.0, IBM advises upgrading to 1.3.7-TIV-IOALA-FP_signed or later before applying the password change. Instructions are available in the IBM advisory under "Provision for Updating Default Password During Installation – IBM Operations Analytics Log Analysis" [1].