Insecure Storage of OAuth Token in Wink - Smart Home Android App

Insecure Storage of OAuth Token in Wink - Smart Home Android App

CVE-2017-5249 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

In version 6.1.0.19 and prior of Wink Labs's Wink - Smart Home Android app, the OAuth token used by the app to authorize user access is not stored in an encrypted and secure manner.

Learn more about our Cis Benchmark Audit For Google Android.