CVE-2025-36057
5.2
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
Summary
IBM Cognos Analytics Mobile (iOS) 1.1.0 through 1.1.22
is vulnerable to authentication bypass by using the Local Authentication Framework library which is not needed as biometric authentication is not used in the application.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| IBM | Cognos Analytics Mobile | 1.1.0 <= 1.1.22 | affected |
Weaknesses
- CWE-299: CWE-299 Authentication Bypass Using an Alternate Path or Channel
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.