Описание
IBM Cognos Analytics Mobile (iOS) 1.1.0 through 1.1.22
is vulnerable to authentication bypass by using the Local Authentication Framework library which is not needed as biometric authentication is not used in the application.
Ссылки
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 1.1.0 (включая) до 1.1.23 (исключая)
cpe:2.3:a:ibm:cognos_analytics_mobile:*:*:*:*:*:iphone_os:*:*
EPSS
Процентиль: 2%
0.00014
Низкий
5.2 Medium
CVSS3
4.6 Medium
CVSS3
Дефекты
CWE-299
Связанные уязвимости
CVSS3: 5.2
github
7 месяцев назад
IBM Cognos Analytics Mobile (iOS) 1.1.0 through 1.1.22 is vulnerable to authentication bypass by using the Local Authentication Framework library which is not needed as biometric authentication is not used in the application.
EPSS
Процентиль: 2%
0.00014
Низкий
5.2 Medium
CVSS3
4.6 Medium
CVSS3
Дефекты
CWE-299