CVE-2023-38009

Name of the Vulnerable Software and Affected Versions IBM Cognos Mobile Client version 1.1 iOS

Description The issue is related to information disclosure through man-in-the-middle techniques due to the lack of certificate pinning. This could potentially allow unauthorized access to sensitive information. No specific details about the estimated number of affected devices or real-world incidents are provided.

Recommendations For IBM Cognos Mobile Client version 1.1 iOS, consider implementing certificate pinning to prevent man-in-the-middle attacks as a mitigation measure. At the moment, there is no information about a newer version that contains a fix for this vulnerability.