CVE-2025-36057— IBM Cognos Analytics Mobile (iOS) authentication bypass
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2025-36057
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
IBM Cognos Analytics Mobile (iOS) authentication bypass
Source: NVD (National Vulnerability Database)
Vulnerability Description
IBM Cognos Analytics Mobile (iOS) 1.1.0 through 1.1.22 is vulnerable to authentication bypass by using the Local Authentication Framework library which is not needed as biometric authentication is not used in the application.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
证书撤销验证不恰当
Source: NVD (National Vulnerability Database)
Vulnerability Title
IBM Cognos Analytics Mobile 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
IBM Cognos Analytics Mobile是美国国际商业机器(IBM)公司的一个应用程序。集成了报告、建模、分析、仪表板、案例和事件管理。 IBM Cognos Analytics Mobile 1.1.0至1.1.22版本存在安全漏洞,该漏洞源于使用不必要的本地身份验证框架库,可能导致身份验证绕过。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| IBM | Cognos Analytics Mobile | 1.1.0 ~ 1.1.22 | cpe:2.3:a:ibm:cognos_analytics_mobile:1.1.0:*:*:*:*:ios:*:* |
II. Public POCs for CVE-2025-36057
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2025-36057
请登录查看更多情报信息。
Same Patch Batch · IBM · 2025-07-21 · 4 CVEs total
| CVE-2025-36106 | 6.5 MEDIUM | IBM Cognos Analytics Mobile (iOS) information disclosure |
| CVE-2025-36062 | 5.9 MEDIUM | IBM Cognos Analytics Mobile (iOS) information disclosure |
| CVE-2025-36107 | 5.9 MEDIUM | IBM Cognos Analytics Mobile (iOS) information disclosure |
IV. Related Vulnerabilities
Same product: Cognos Analytics Mobile
- CVE-2025-36062
IBM Cognos Analytics Mobile (iOS) information disclosure - CVE-2025-36106
IBM Cognos Analytics Mobile (iOS) information disclosure - CVE-2025-36107
IBM Cognos Analytics Mobile (iOS) information disclosure - CVE-2024-55907
IBM Cognos Mobile information disclosure - CVE-2025-0895
IBM Cognos Mobile information disclosure
Same vendor: IBM
- CVE-2026-1577
IBM® Db2® is vulnerable to a denial of service with a specia - CVE-2025-36122
IBM® Db2® is vulnerable to a denial of service with a specia - CVE-2025-14688
IBM® Db2® is vulnerable to a denial of service when fetching - CVE-2026-2311
IBM i is affected by a privilege escalation vulnerability in - CVE-2025-36180
Inadequate Pod Communication Restrictions, affects watsonx.d
Same weakness: CWE-299
- CVE-2026-4428
CRL Distribution Point Scope Check Logic Error in AWS-LC - CVE-2025-11955
Incorrect validation of OCSP certificates in TheGreenBow VPN - CVE-2025-3085
MongoDB Server running on Linux may allow unexpected connect - CVE-2024-56138
Timestamp signature generation lacks certificate revocation - CVE-2023-23690
Dell EMC Storage信任管理问题漏洞
V. Comments for CVE-2025-36057
No comments yet