Information Disclosure Vulnerability Affecting IBM Cognos Analytics Mobile
CVE-2025-0895

2.4LOW

Key Information:

Vendor: IBM
Status: Cognos Analytics Mobile
Vendor: CVE Published:; 2 March 2025

What is CVE-2025-0895?

A security flaw in IBM Cognos Analytics Mobile 1.1 for Android can expose sensitive information through debugging code log messages if an unauthorized user gains physical access to the device. This vulnerability highlights the importance of securing mobile applications and ensuring that sensitive logs are not accessible to unauthorized users.

Affected Version(s)

Cognos Analytics Mobile Android 1.1

References

https://www.ibm.com/support/pages/node/7184430

vendor-advisory

CVSS V3.1

Score:

2.4

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 2, 2025
Vulnerability Reserved
Jan 30, 2025