Описание
In version 6.1.0.19 and prior of Wink Labs's Wink - Smart Home Android app, the OAuth token used by the app to authorize user access is not stored in an encrypted and secure manner.
Уязвимые конфигурации
Конфигурация 1Версия до 6.1.0.19 (включая)
cpe:2.3:a:wink:wink:*:*:*:*:*:android:*:*
EPSS
Процентиль: 39%
0.00178
Низкий
9.8 Critical
CVSS3
5 Medium
CVSS2
Дефекты
CWE-922
CWE-312
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
In version 6.1.0.19 and prior of Wink Labs's Wink - Smart Home Android app, the OAuth token used by the app to authorize user access is not stored in an encrypted and secure manner.
EPSS
Процентиль: 39%
0.00178
Низкий
9.8 Critical
CVSS3
5 Medium
CVSS2
Дефекты
CWE-922
CWE-312