In version 1.9.7 and prior of Insteon's Insteon for Hub Android app, the OAuth token used by the app to authorize user access is not stored in an encrypted and secure manner.
References
Link | Resource |
---|---|
https://blog.rapid7.com/2017/09/22/multiple-vulnerabilities-in-wink-and-insteon-smart-home-systems/ | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: rapid7
Published: 2018-02-22T16:00:00
Updated: 2018-02-22T15:57:01
Reserved: 2017-01-09T00:00:00
Link: CVE-2017-5250
JSON object: View
NVD Information
Status : Modified
Published: 2018-02-22T16:29:00.310
Modified: 2019-10-09T23:28:15.620
Link: CVE-2017-5250
JSON object: View
Redhat Information
No data.