2.4

CVE-2025-0895

IBM Cognos Mobile information disclosure

IBM Cognos Analytics Mobile 1.1 for Android could allow a user with physical access to the device, to obtain sensitive information from debugging code log messages.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IbmCognos Analytics Mobile SwPlatformandroid Version >= 1.1.0 < 1.1.21
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.19% 0.082
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
psirt@us.ibm.com 2.4 0.9 1.4
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CWE-215 Insertion of Sensitive Information Into Debugging Code

The product inserts sensitive information into debugging code, which could expose this information if the debugging code is not disabled in production.

https://www.ibm.com/support/pages/node/7184430
Vendor Advisory