ID |
CVE-2017-5250
|
Summary |
In version 1.9.7 and prior of Insteon's Insteon for Hub Android app, the OAuth token used by the app to authorize user access is not stored in an encrypted and secure manner. |
References |
|
Vulnerable Configurations |
|
CVSS |
Base: | 5.0 (as of 09-10-2019 - 23:28) |
Impact: | |
Exploitability: | |
|
CWE |
CWE-922 |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
PARTIAL |
NONE |
NONE |
|
cvss-vector
via4
|
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
refmap
via4
|
|
Last major update |
09-10-2019 - 23:28 |
Published |
22-02-2018 - 16:29 |
Last modified |
09-10-2019 - 23:28 |