Envoy: >> Passport Security Vulnerabilities
Envoy Passport for Android and Envoy Passport for iPhone could allow a local attacker to obtain sensitive information, caused by the storing of unencrypted data in logs. An attacker could exploit this vulnerability to obtain two API keys, a token and other sensitive information.
CVSS Score
2.9
EPSS Score
0.0
Published
2019-03-21
Envoy Passport for Android and Envoy Passport for iPhone could allow a local attacker to obtain sensitive information, caused by the storing of hardcoded OAuth Creds in plaintext. An attacker could exploit this vulnerability to obtain sensitive information.
CVSS Score
2.9
EPSS Score
0.001
Published
2019-03-21