CNNVD-202507-2696 Information

CNNVD ID

CNNVD-202507-2696

Related CVE

CVE-2025-36106

• CNNVD Published: 2025-07-21

Description (Chinese)

IBM Cognos Analytics Mobile是美国国际商业机器（IBM）公司的一个应用程序。集成了报告、建模、分析、仪表板、案例和事件管理。 IBM Cognos Analytics Mobile 1.1.0至1.1.22版本存在加密问题漏洞，该漏洞源于使用已弃用或配置错误的AFNetworking库，可能导致信息泄露和修改。

Description (English)

IBM Cognos Analytics Mobile is an application of IBM. It brings together reports, modelling, analysis, dashboards, case and incident management. The IBM Cognos Analytics Mobile 1.1.1 to 1.1.22 contains encryption loopholes, which stem from the use of the abandoned or misconfigured AFNetworking library, which may lead to information leaking and modification.

Hazard Level

High

Vulnerability Type

加密问题

Affected Vendor

国际商业机器

Published

2025-07-21

Last Modified

2026-02-24

References

https://www.ibm.com/support/pages/node/7239635

Patch

https://www.ibm.com/support/pages/node/7239635