IBM Cognos Analytics Mobile Authentication Bypass Vulnerability

Vulnerability

An authentication bypass vulnerability has been identified in IBM Cognos Analytics Mobile for iOS, versions 1.1.0 through 1.1.22. The issue arises from the application's use of the Local Authentication Framework library, which is unnecessary because the app does not implement biometric authentication. The vulnerability could be exploited to bypass authentication mechanisms within the app.

Impact

Exploitation of this vulnerability could lead to unauthorized access by bypassing authentication requirements in the application.

Remediation

Users are advised to update to IBM Cognos Analytics Mobile (iOS) version 1.1.23.

Added: Jul 21, 2025, 7:40 PM
Updated: Jul 21, 2025, 7:40 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 5.0
exploitability: 3.3
remediation: 7.7
relevance: 0.3
threat: 0.0
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.