{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/products/engineering-ai-hub-1.1.0/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[{"cvss":7.5,"id":"CVE-2026-15322"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["Engineering AI Hub 1.0.0","Engineering AI Hub 1.1.0","Engineering AI Hub 1.2.0"],"_cs_severities":["high"],"_cs_tags":["vulnerability","information-disclosure","session-token","ibm","cve"],"_cs_type":"advisory","_cs_vendors":["IBM"],"content_html":"\u003cp\u003eIBM Engineering AI Hub versions 1.0.0, 1.1.0, and 1.2.0 are affected by CVE-2026-15322, an information disclosure vulnerability (CWE-598) that allows a remote attacker to obtain sensitive session tokens. This flaw stems from the application's practice of embedding session tokens directly within URL query strings. Attackers can exploit this by intercepting network traffic, accessing web server logs, or leveraging browser history and referrer headers to capture these tokens. Successful exploitation could grant the attacker unauthorized access to the IBM Engineering AI Hub by hijacking legitimate user sessions, leading to the exposure and potential manipulation of sensitive data. This vulnerability affects core functionality of the AI Hub, which is designed for critical engineering tasks.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eA legitimate user interacts with a vulnerable instance of IBM Engineering AI Hub (versions 1.0.0, 1.1.0, or 1.2.0).\u003c/li\u003e\n\u003cli\u003eThe IBM Engineering AI Hub application constructs HTTP GET requests that inadvertently embed sensitive session tokens directly into the URL query parameters.\u003c/li\u003e\n\u003cli\u003eThese HTTP requests containing the session token are transmitted over the network and may be logged by intermediate network devices, web server logs, or stored in browser history.\u003c/li\u003e\n\u003cli\u003eA remote attacker monitors network traffic, or gains access to web server logs, browser history, or referrer logs where the sensitive URLs are recorded.\u003c/li\u003e\n\u003cli\u003eThe attacker extracts the session token from the exposed URL.\u003c/li\u003e\n\u003cli\u003eThe attacker then uses the captured session token to hijack the legitimate user's active session.\u003c/li\u003e\n\u003cli\u003eThis session hijacking grants the attacker unauthorized access to the IBM Engineering AI Hub with the privileges of the impersonated user.\u003c/li\u003e\n\u003cli\u003eThe attacker can now access, view, or potentially manipulate sensitive information or functionalities within the compromised application.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eThe successful exploitation of CVE-2026-15322 can lead to severe information disclosure and unauthorized access. Attackers can gain complete control over a user's session within the IBM Engineering AI Hub, allowing them to access sensitive engineering data, intellectual property, or configurations. This could result in data theft, data tampering, or further compromise of integrated systems. While the number of victims or specific sectors are not detailed in the advisory, any organization utilizing the affected versions of IBM Engineering AI Hub is at risk, particularly those handling confidential design, development, or AI-related data.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePatch CVE-2026-15322 immediately by upgrading IBM Engineering AI Hub to a fixed version as specified by IBM in their security bulletin referenced at \u003ca href=\"https://www.ibm.com/support/pages/node/7279964\"\u003ehttps://www.ibm.com/support/pages/node/7279964\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eReview application architecture and development practices to avoid the inclusion of sensitive information, such as session tokens, directly in URLs (CWE-598).\u003c/li\u003e\n\u003cli\u003eImplement secure session management practices, including using HTTP-only and secure flags for cookies, and ensuring session tokens are passed via HTTP headers or POST bodies rather than URLs.\u003c/li\u003e\n\u003cli\u003eMonitor network traffic for unusual or unencrypted transmission of session tokens in URLs originating from IBM Engineering AI Hub instances.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-07-17T20:26:19Z","date_published":"2026-07-17T20:26:19Z","id":"https://feed.craftedsignal.io/briefs/2026-07-ibm-ai-hub-cve-2026-15322/","summary":"A remote attacker can exploit CVE-2026-15322 in IBM Engineering AI Hub versions 1.0.0, 1.1.0, and 1.2.0 to obtain sensitive session tokens exposed in URLs, potentially leading to unauthorized access and information disclosure.","title":"IBM Engineering AI Hub Information Disclosure via URL Session Tokens (CVE-2026-15322)","url":"https://feed.craftedsignal.io/briefs/2026-07-ibm-ai-hub-cve-2026-15322/"}],"language":"en","title":"CraftedSignal Threat Feed - Engineering AI Hub 1.1.0","version":"https://jsonfeed.org/version/1.1"}