Weak Obfuscation Vulnerability in IBM Cognos Analytics Mobile for iOS
CVE-2024-55907

2LOW

Key Information:

Vendor: IBM
Status: Cognos Analytics Mobile
Vendor: CVE Published:; 2 March 2025

What is CVE-2024-55907?

A weakness in the obfuscation of the IBM Cognos Analytics Mobile application for iOS may enable malicious actors to reverse engineer the application. This vulnerability exposes critical insights into the programming techniques, interface structures, class definitions, algorithms, and functions employed within the app. Such exposure can facilitate unauthorized access to sensitive data, thus elevating the risk of potential exploitation in various attack vectors.

Affected Version(s)

Cognos Analytics Mobile iOS 1.1

References

https://www.ibm.com/support/pages/node/7184429

vendor-advisory

CVSS V3.1

Score:

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Physical

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 2, 2025
Vulnerability Reserved
Dec 12, 2024