Data Leakage Risk in IBM Cognos Analytics Mobile for iOS
CVE-2025-36107

5.9MEDIUM

Key Information:

Vendor

IBM
Status
Cognos Analytics Mobile
Vendor
CVE Published:
21 July 2025

What is CVE-2025-36107?

IBM Cognos Analytics Mobile for iOS versions 1.1.0 through 1.1.22 is at risk due to the cleartext transmission of sensitive information, allowing malicious actors to intercept and access confidential data. This vulnerability underscores the importance of secure data transmission practices in mobile applications to safeguard user information.

Affected Version(s)

Cognos Analytics Mobile iOS 1.1.0 <= 1.1.22

References

https://www.ibm.com/support/pages/node/7239635
vendor-advisory

CVSS V3.1

Score:
5.9
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.