Cyber Resilience

CVE-2026-4788

High

Published: 08 April 2026

Published
08 April 2026
Modified
14 April 2026
KEV Added
Patch
CVSS Score v3.1 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0012 1.9th percentile
Risk Priority 55 floored blend · peak EPSS

Summary

CVE-2026-4788 is a high-severity Insertion of Sensitive Information into Log File (CWE-532) vulnerability in Ibm Tivoli Netcool\/Impact. Its CVSS base score is 8.4 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Data from Local System (T1005); ranked at the 1.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and AU-9 (Protection of Audit Information).

Deeper analysis

CVE-2026-4788 is a vulnerability in IBM Tivoli Netcool Impact versions 7.1.0.0 through 7.1.0.37, where sensitive information is stored in log files that can be read by a local user. Published on 2026-04-08, it carries a CVSS v3.1 base score of 8.4 (AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) and is linked to CWE-532 (Insertion of Sensitive Information into Log File).

A local user requires no privileges to exploit this issue by accessing the affected log files. Exploitation enables reading of sensitive information stored within those logs, with the CVSS metrics indicating high impacts on confidentiality, integrity, and availability.

IBM provides details on mitigation in its security advisory at https://www.ibm.com/support/pages/node/7268267.

OWASP Top 10 for Web (2025)

EU & UK References

Vulnerability details

IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.37 stores sensitive information in log files that could be read by a local user.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1005 Data from Local System Collection
Adversaries may search local system sources, such as file systems, configuration files, local databases, virtual machine files, or process memory, to find files of interest and sensitive data prior to Exfiltration.
T1654 Log Enumeration Discovery
Adversaries may enumerate system and service logs to find useful data.
Why these techniques?

Vulnerability exposes sensitive data in accessible log files to local users with no privileges, directly enabling collection of data from local system sources and enumeration of system logs.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-0977Same vendor: Ibm
CVE-2024-28766Same vendor: Ibm
CVE-2025-1722Same vendor: Ibm
CVE-2025-13108Same vendor: Ibm
CVE-2024-31896Same vendor: Ibm
CVE-2025-0162Same vendor: Ibm
CVE-2024-45652Same vendor: Ibm
CVE-2023-38272Same vendor: Ibm
CVE-2025-13616Same vendor: Ibm
CVE-2025-13096Same vendor: Ibm

Affected Assets

ibm
tivoli netcool\/impact
7.1.0.0 — 7.1.0.38

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

AU-9 directly protects log files containing sensitive information from unauthorized access by local users.

prevent

SI-2 remediates the flaw that inserts sensitive information into log files, preventing the vulnerability at its source.

prevent

AC-3 enforces approved access controls on log files to block unprivileged local users from reading sensitive information.

References