Home

Description

IBM Cognos Analytics Mobile (iOS) 1.1.0 through 1.1.22 is vulnerable to authentication bypass by using the Local Authentication Framework library which is not needed as biometric authentication is not used in the application.

PUBLISHED Reserved 2025-04-15 | Published 2025-07-21 | Updated 2025-08-18 | Assigner ibm




MEDIUM: 5.2CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N

Problem types

CWE-299 Authentication Bypass Using an Alternate Path or Channel

Product status

Default status
unaffected

1.1.0 (semver)
affected

References

www.ibm.com/support/pages/node/7239635 vendor-advisory patch

cve.org (CVE-2025-36057)

nvd.nist.gov (CVE-2025-36057)

Download JSON