IBM SmartCloud Analytics - Log Analysis Privilege Escalation Vulnerability

Vulnerability

A vulnerability that allows local, authenticated attackers to bypass client-side security enforcement and manipulate data has been identified in IBM SmartCloud Analytics - Log Analysis versions 1.3.7.0, 1.3.7.1, 1.3.7.2, 1.3.8.0, 1.3.8.1, and 1.3.8.2. The vulnerability arises from client-side enforcement of server-side security: restrictions applied in the client are not properly enforced by the server, potentially leading to unauthorized data manipulation.

Impact

Exploitation of this vulnerability could allow low-privilege users to escalate privileges by changing the passwords of high-privilege accounts, according to IBM.

Remediation

Users can upgrade to IBM Operations Analytics - Log Analysis version 1.3.8.2 Interim Fix 1. For versions prior to 1.3.8.2, upgrade to 1.3.8-TIV-IOALA-FP2 before installing this fix.

Added: Jul 23, 2025, 12:25 PM
Updated: Jul 23, 2025, 12:25 PM

Vulnerability Rating

Custom Algorithm
Spread: 0.0
Impact: 5.0
Exploitability: 3.3
Remediation: 7.7
Relevance: 0.3
Threat: 0.0
Urgency: 2.9
Incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.