Primary

Context

IBM Cognos Analytics Mobile Debug Information Exposure Vulnerability

Vulnerability

Patched

A vulnerability exists in IBM Cognos Analytics Mobile version 1.1 for Android, allowing a user with physical access to the device to retrieve sensitive information from debugging code log messages. This issue arises from the improper handling of sensitive information in a way that could be exposed through debugging tools.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive information, potentially including personal data or other confidential details, through the interception of debugging log messages.

Remediation

Users are advised to upgrade to IBM Cognos Analytics Mobile version 1.1.21, available on the Google Play Store. Additionally, the latest version of the IBM Cognos Analytics Mobile Extension v3.41.5 should be downloaded and installed on their IBM Cognos Analytics instance.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

2.4

impact

2.5

exploitability

3.3

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.4

impact

2.5

exploitability

3.3

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

IBM Cognos Analytics Mobile Debug Information Exposure Vulnerability

Vulnerability

Impact

Remediation

Affected Products

IBM Cognos Analytics Mobile

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating