CVE-2025-36062

MEDIUM

IBM Cognos Analytics Mobile < 1.1.23 - Missing Encryption

Title source: rule
STIX 2.1

Description

IBM Cognos Analytics Mobile (iOS) 1.1.0 through 1.1.22 could be vulnerable to information exposure due to the use of unencrypted network traffic.

References (1)

Scores

CVSS v3 5.9
EPSS 0.0003
EPSS Percentile 7.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-311
Status published
Products (1)
ibm/cognos_analytics_mobile 1.1.0 - 1.1.23
Published Jul 21, 2025
Tracked Since Feb 18, 2026