CVE-2024-40684
IBM Operations Analytics - Log Analysis is affected by Weak Password Policy and Inadequate Account Lockout Mechanism
CVSS Score
5.9
EPSS Score
0.0%
EPSS Percentile
0th
IBM Operations Analytics - Log Analysis 1.3.5.0, 1.3.5.1, 1.3.5.2, 1.3.5.3, 1.3.6.0, 1.3.6.1, 1.3.7.0, 1.3.7.1, 1.3.7.2, and 1.3.8.0, 1.3.8.1, 1.3.8.2, 1.3.8.3, 1.3.8.4 IBM SmartCloud Analytics - Log Analysis does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts.
| CWE | CWE-521 |
| Vendor | ibm |
| Product | operations analytics - log analysis |
| Published | May 27, 2026 |
| Last Updated | May 27, 2026 |
Stay Ahead of the Next One
Get instant alerts for ibm operations analytics - log analysis
Be the first to know when new medium vulnerabilities affecting ibm operations analytics - log analysis are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None
Affected Versions
IBM / Operations Analytics - Log Analysis
1.3.5.0, 1.3.5.1, 1.3.5.2, 1.3.5.3 โค 7.2.0.14 1.3.6.0, 1.3.6.1 1.3.7.0, 1.3.7.1, 1.3.7.2 1.3.8.0, 1.3.8.1, 1.3.8.2, 1.3.8.3, 1.3.8.4