CVE Daily

CVE-2025-36057

IBM Cognos Analytics Mobile (iOS) 1.1.0 through 1.1.22 is vulnerable to authen...

Medium CVSS 5.2

Overview

IBM Cognos Analytics Mobile (iOS) 1.1.0 through 1.1.22

is vulnerable to authentication bypass by using the Local Authentication Framework library which is not needed as biometric authentication is not used in the application.

CWE: CWE-299 Published: 2025-07-21T19:15:28.840
Risk analysis

This vulnerability is rated 🟡 MEDIUM.

  • CVSS: 5.2 (MEDIUM)
  • Detected tags: unauth_access (tag impact: HIGH)

Recommended actions:

  • Enforce authentication/authorization; reduce default endpoint exposure.

Recommended tools

Tags