CVE-2026-4788 PUBLISHED

Multiple Vulnerabilities affect IBM Tivoli Netcool Impact

Assigner: ibm
Reserved: 24.03.2026 Published: 08.04.2026 Updated: 08.04.2026

IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.37 stores sensitive information in log files that could be read by a local user.

Metrics

CVSS 3.1

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS Score: 8.4

Attack Vector	Local	Scope	Unchanged
Attack Complexity	Low	Confidentiality Impact	High
Privileges Required	None	Integrity Impact	High
User Interaction	None	Availability Impact	High

CVSS 3.1

Product Status

Vendor	IBM
Product	Tivoli Netcool Impact
Versions	affected from 7.1.0.0 to 7.1.0.37 (incl.)

Solutions

IBM strongly recommends addressing the vulnerability now by upgrading to 7.1.0 FP38

ProductVRMFRemediationIBM Tivoli Netcool Impact7.1.0.38Upgrade to IBM Tivoli Netcool Impact 7.1.0 Fix Pack 38 https://www.ibm.com/support/pages/node/7184732 or later.

References

https://www.ibm.com/support/pages/node/7268267

Problem Types

CWE-532 Insertion of Sensitive Information into Log File CWE