IBM Cognos Analytics Mobile (iOS) 1.1.0 through 1.1.22 could allow malicious actors to view and modify information coming to and from the application which could then be used to access confidential information on the device or network by using a the deprecated or misconfigured AFNetworking library at runtime.
History

Mon, 21 Jul 2025 19:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 21 Jul 2025 18:30:00 +0000

Type Values Removed Values Added
Description IBM Cognos Analytics Mobile (iOS) 1.1.0 through 1.1.22 could allow malicious actors to view and modify information coming to and from the application which could then be used to access confidential information on the device or network by using a the deprecated or misconfigured AFNetworking library at runtime.
Title IBM Cognos Analytics Mobile (iOS) information disclosure
First Time appeared Ibm
Ibm cognos Analytics Mobile
Weaknesses CWE-326
CPEs cpe:2.3:a:ibm:cognos_analytics_mobile:1.1.0:*:*:*:*:ios:*:*
cpe:2.3:a:ibm:cognos_analytics_mobile:1.1.22:*:*:*:*:ios:*:*
Vendors & Products Ibm
Ibm cognos Analytics Mobile
References
Metrics cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: ibm

Published: 2025-07-21T18:08:09.988Z

Updated: 2025-07-21T18:43:15.502Z

Reserved: 2025-04-15T21:16:16.298Z

Link: CVE-2025-36106

cve-icon Vulnrichment

Updated: 2025-07-21T18:41:49.667Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2025-07-21T19:15:29.157

Modified: 2025-07-22T13:05:40.573

Link: CVE-2025-36106

cve-icon Redhat

No data.