IBM SmartCloud Analytics - Log Analysis
Moderate fix1 remedy
cpe:2.3:a:ibm:smartcloud_analytics_log_analysis:*:*:*:*:*:*:*
Moderate fix1 remedy
- 1.3.5.0
- 1.3.5.1
- 1.3.5.2
- 1.3.6.0
- 1.3.6.1
- 1.3.7.0
- 1.3.7.1
- 1.3.7.2
- 1.3.8.0
- 1.3.8.1
- 1.3.8.2
- 1.3.8.3
IBM Operations Analytics and SmartCloud Analytics Cross-Site Request Forgery Vulnerability
Vulnerability
Patched
A cross-site request forgery (CSRF) vulnerability has been identified in IBM Operations Analytics - Log Analysis versions 1.3.5.0 through 1.3.8.3, as well as in IBM SmartCloud Analytics - Log Analysis. This vulnerability allows an attacker to deceive a trusted user into performing unauthorized actions.
Impact
Exploitation of this vulnerability could enable an attacker to perform malicious actions on behalf of an authenticated user, potentially leading to unauthorized changes or data manipulation within the application.
Remediation
Users are advised to upgrade to IBM Operations Analytics - Log Analysis version 1.3.8.3 Interim Fix 1 (1.3.8.3-TIV-IOALA-IF1) or later, available from IBM Fix Central. For upgrade instructions, refer to the README provided with the update.
Added: Feb 4, 2026, 10:37 PM
Updated: Feb 4, 2026, 10:37 PM
Vulnerability Rating
Custom Algorithm
spread
0.0impact
0.6exploitability
3.8remediation
7.7relevance
2.6threat
0.0urgency
2.9incentive
0.0Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.