Weak Obfuscation in IBM Cognos Analytics Mobile for Android
CVE-2021-39080

4.8MEDIUM

Key Information:

Vendor: IBM
Status: Cognos Analytics Mobile
Vendor: CVE Published:; 14 February 2022

Summary

The IBM Cognos Analytics Mobile application for Android, prior to version 1.1.14, suffers from weak obfuscation. This allows attackers to potentially reverse engineer the application's codebase, exposing sensitive programming techniques, interface details, class definitions, algorithms, and functions. This vulnerability highlights the risks associated with inadequate code protection mechanisms, which can lead to unauthorized access to proprietary information and software exploitation.

Affected Version(s)

Cognos Analytics Mobile 1.1

References

https://www.ibm.com/support/pages/node/6555140

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/215593

vdb-entryx_refsource_XF

CVSS V3.1

Score:

4.8

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 14, 2022
Vulnerability Reserved
Aug 16, 2021