IBM Cognos Analytics Mobile (iOS) authentication bypass

July 21, 2025 invoker category_cve

CVE Details

Basic Information

Title IBM Cognos Analytics Mobile (iOS) authentication bypass
Type cve
Published 2025-07-21T18:10:32.157Z
Modified 2025-07-21T18:39:00.437Z

Product Information

Vendor IBM
Product Cognos Analytics Mobile
Version 1.1.0

CVSS Information

Base Score 5.2 (MEDIUM)
Attack Vector CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

Affected Products

  • IBM Cognos Analytics Mobile 1.1.0

Additional Information

CWE List CWE-299
Source ibm

Description

IBM Cognos Analytics Mobile (iOS) 1.1.0 through 1.1.22

is vulnerable to authentication bypass by using the Local Authentication Framework library which is not needed as biometric authentication is not used in the application.

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.