CVE-2024-40684
5.9 MEDIUMIBM Operations Analytics - Log Analysis 1.3.5.0, 1.3.5.1, 1.3.5.2, 1.3.5.3, 1.3.6.0, 1.3.6.1, 1.3.7.0, 1.3.7.1, 1.3.7.2, and 1.3.8.0, 1.3...
Published: 2026-05-27 · Last updated: 2026-06-05
Severity and scoring
- CVSS
- 5.9 MEDIUM
- Vector
- CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
- CWE
- CWE-521
Affected products
| Vendor | Product |
|---|---|
| ibm | operations_analytics_log_analysis |
Description
IBM Operations Analytics - Log Analysis 1.3.5.0, 1.3.5.1, 1.3.5.2, 1.3.5.3, 1.3.6.0, 1.3.6.1, 1.3.7.0, 1.3.7.1, 1.3.7.2, and 1.3.8.0, 1.3.8.1, 1.3.8.2, 1.3.8.3, 1.3.8.4 IBM SmartCloud Analytics - Log Analysis does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts.
Source: NVD
References
Related CVEs
Same vendor
- CVE-2026-9330 — IBM WebSphere Application Server 9.0, and 8.5 is affected by an improper validation of user-supplied data during deserialization using th... (8.5 HIGH)
- CVE-2026-9319 — IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to potential remote code execution due to deserialization of untrusted data v... (9.0 CRITICAL)
- CVE-2026-9311 — IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to remote code execution caused by the bypass of security controls (9.0 CRITICAL)
- CVE-2026-8644 — IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to identity spoofing (9.1 CRITICAL)
- CVE-2026-1248 — IBM Business Automation Workflow containers and traditional may leak information about its database structure in error messages (4.3 MEDIUM)
Same CWE
- CVE-2026-11493 — A weakness has been identified in Tenda AC15 15.03.05.19 (5.0 MEDIUM)
- CVE-2026-9394 — A vulnerability was determined in Besen BS20 EV Charging Station up to 20260426 (3.1 LOW)
- CVE-2017-7903 — A Weak Password Requirements issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 programmable-logic controllers 176... (9.8 CRITICAL)