PT-2018-8243 · Insteon · Insteon For Hub

Deral Heiland

Publicado

2018-02-22

Atualizado

2019-10-09

CVE-2017-5250

CVSS v3.1

9.8

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Insteon for Hub Android app versions 1.9.7 and prior

Description: The issue concerns the insecure storage of the OAuth token used for authorizing user access. This token is not stored in an encrypted and secure manner, potentially exposing user data.

Recommendations: For versions 1.9.7 and prior, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Insecure Storage of Sensitive Information

Cleartext Storage of Sensitive Information

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-922CWE-312

Identificadores relacionados

CVE-2017-5250

Produtos afetados

Insteon For Hub

PT-2018-8243 · Insteon · Insteon For Hub

CVE-2017-5250

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3