CVE-2026-4788
Received Received - Intake
Information Disclosure in IBM Tivoli Netcool Impact Logs

Publication date: 2026-04-08

Last updated on: 2026-04-14

Assigner: IBM Corporation

Description
IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.37 stores sensitive information in log files that could be read by a local user.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-08
Last Modified
2026-04-14
Generated
2026-06-16
AI Q&A
2026-04-08
EPSS Evaluated
2026-06-15
NVD
CVE-2026-4788
EUVD
EUVD-2026-20028
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
ibm tivoli_netcool/impact From 7.1.0.0 (inc) to 7.1.0.38 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-532 The product writes sensitive information to a log file.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-4788 is a vulnerability in IBM Tivoli Netcool Impact versions 7.1.0.0 through 7.1.0.37 where sensitive information is stored in log files that can be accessed by a local user.

This issue is classified under CWE-532, which involves the insertion of sensitive information into log files, potentially exposing confidential data.

The vulnerability has a CVSS v3.1 base score of 8.4, indicating a high severity with a local attack vector, low attack complexity, no privileges required, no user interaction needed, and a high impact on confidentiality, integrity, and availability.

Impact Analysis

This vulnerability can lead to unauthorized local users reading sensitive information stored in log files, which can compromise confidentiality.

Because the vulnerability affects confidentiality, integrity, and availability, it could allow attackers to gain access to sensitive data, potentially modify it, or disrupt system operations.

The impact is significant as it requires no privileges or user interaction to exploit, making it easier for local attackers to leverage.

Detection Guidance

There is no specific information provided about detection methods or commands to identify this vulnerability on your network or system.

Mitigation Strategies

The recommended immediate step to mitigate this vulnerability is to upgrade IBM Tivoli Netcool Impact to version 7.1.0 Fix Pack 38 or later.

No other workarounds or mitigations are provided besides upgrading to the fixed version.

Compliance Impact

The vulnerability involves IBM Tivoli Netcool Impact storing sensitive information in log files accessible to local users, which could lead to unauthorized disclosure of sensitive data.

Such unauthorized access to sensitive information could potentially impact compliance with data protection regulations like GDPR and HIPAA, which require safeguarding sensitive data and controlling access to it.

However, the provided information does not explicitly discuss the direct effects of this vulnerability on compliance with these or other common standards and regulations.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-4788. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart