IBM Cognos Analytics Mobile (iOS) authentication bypass_CVE-2025-36057

5.2 / 10

MEDIUM

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

Description

IBM Cognos Analytics Mobile (iOS) 1.1.0 through 1.1.22

is vulnerable to authentication bypass by using the Local Authentication Framework library which is not needed as biometric authentication is not used in the application.

Basic Information

ID CVE-2025-36057

Source ibm

Published Jul 21, 2025 at 18:10

Modified Jul 21, 2025 at 18:39

Affected Product

Vendor IBM

Product Cognos Analytics Mobile

Version 1.1.0

Affected Versions IBM Cognos Analytics Mobile 1.1.0

CWE Classification

CWE-299

References

www.ibm.com /support/pages/node/7239635

{
    "lastseen": "",
    "description": "IBM Cognos Analytics Mobile (iOS) 1.1.0 through 1.1.22 \n\nis vulnerable to authentication bypass by using the Local Authentication Framework library which is not needed as biometric authentication is not used in the application.",
    "published": "2025-07-21T18:10:32.157Z",
    "modified": "2025-07-21T18:39:00.437Z",
    "type": "cve",
    "title": "IBM Cognos Analytics Mobile (iOS) authentication bypass",
    "source": "ibm",
    "references": "https://www.ibm.com/support/pages/node/7239635",
    "id": "CVE-2025-36057",
    "bulletinFamily": "",
    "cwe": [
        "CWE-299"
    ],
    "cvelist": null,
    "sourceData": "IBM Cognos Analytics Mobile 1.1.0",
    "sourceHref": "",
    "cvss": {
        "score": 5.2,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Cognos Analytics Mobile",
    "version": "1.1.0",
    "vendor": "IBM",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}