exploitDog

GHSA-vfc9-93vh-4x8h

Опубликовано: 13 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

In version 6.1.0.19 and prior of Wink Labs's Wink - Smart Home Android app, the OAuth token used by the app to authorize user access is not stored in an encrypted and secure manner.

In version 6.1.0.19 and prior of Wink Labs's Wink - Smart Home Android app, the OAuth token used by the app to authorize user access is not stored in an encrypted and secure manner.

Ссылки

EPSS

Процентиль: 40%

0.00178

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-312

Связанные уязвимости

CVE-2017-5249

CVSS3: 9.8

nvd

почти 8 лет назад

In version 6.1.0.19 and prior of Wink Labs's Wink - Smart Home Android app, the OAuth token used by the app to authorize user access is not stored in an encrypted and secure manner.

EPSS

Процентиль: 40%

0.00178

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-312