CVE-2017-5250

critical

Description

In version 1.9.7 and prior of Insteon's Insteon for Hub Android app, the OAuth token used by the app to authorize user access is not stored in an encrypted and secure manner.

Details

Source: Mitre, NVD

Published: 2018-02-22

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.00161

Detections

Analytics