{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2024-55907","assignerOrgId":"9a959283-ebb5-44b6-b705-dcc2bbced522","state":"PUBLISHED","assignerShortName":"ibm","dateReserved":"2024-12-12T18:07:25.450Z","datePublished":"2025-03-02T15:22:59.258Z","dateUpdated":"2025-09-01T01:09:49.562Z"},"containers":{"cna":{"affected":[{"cpes":["cpe:2.3:a:ibm:cognos_analytics_mobile:1.1:*:*:*:*:ios:*:*"],"defaultStatus":"unaffected","platforms":["iOS"],"product":"Cognos Analytics Mobile","vendor":"IBM","versions":[{"status":"affected","version":"1.1"}]}],"descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"IBM Cognos Analytics Mobile 1.1 for iOS application could allow an attacker to reverse engineer the codebase to gain knowledge about the programming technique, interface, class definitions, algorithms and functions used due to weak obfuscation."}],"value":"IBM Cognos Analytics Mobile 1.1 for iOS application could allow an attacker to reverse engineer the codebase to gain knowledge about the programming technique, interface, class definitions, algorithms and functions used due to weak obfuscation."}],"metrics":[{"cvssV3_1":{"attackComplexity":"HIGH","attackVector":"PHYSICAL","availabilityImpact":"NONE","baseScore":2,"baseSeverity":"LOW","confidentialityImpact":"LOW","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-540","description":"CWE-540 Inclusion of Sensitive Information in Source Code","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"9a959283-ebb5-44b6-b705-dcc2bbced522","shortName":"ibm","dateUpdated":"2025-09-01T01:09:49.562Z"},"references":[{"tags":["vendor-advisory","patch"],"url":"https://www.ibm.com/support/pages/node/7184429"}],"source":{"discovery":"UNKNOWN"},"title":"IBM Cognos Mobile information disclosure","x_generator":{"engine":"Vulnogram 0.2.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-03-03T15:24:58.531148Z","id":"CVE-2024-55907","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-03-03T15:25:14.134Z"}}]}}