exploitDog

GHSA-wwpq-7cfc-wwwm

Опубликовано: 13 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

In version 1.9.7 and prior of Insteon's Insteon for Hub Android app, the OAuth token used by the app to authorize user access is not stored in an encrypted and secure manner.

In version 1.9.7 and prior of Insteon's Insteon for Hub Android app, the OAuth token used by the app to authorize user access is not stored in an encrypted and secure manner.

Ссылки

EPSS

Процентиль: 36%

0.00153

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-312

Связанные уязвимости

CVE-2017-5250

CVSS3: 9.8

nvd

почти 8 лет назад

In version 1.9.7 and prior of Insteon's Insteon for Hub Android app, the OAuth token used by the app to authorize user access is not stored in an encrypted and secure manner.

EPSS

Процентиль: 36%

0.00153

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-312