Expiration of Bearer Tokens in Milwaukee ONE-KEY Android App Allows Unauthorized User Actions
CVE-2017-3215 · MEDIUM Severity
AV:N/AC:L/AU:N/C:N/I:P/A:N
The Milwaukee ONE-KEY Android mobile application uses bearer tokens with an expiration of one year. This bearer token, in combination with a user_id can be used to perform user actions.
Learn more about our Cis Benchmark Audit For Google Android.