CVE-2020-6653
3.8
CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
Summary
Eaton's Secure connect mobile app v1.7.3 & prior stores the user login credentials in logcat file when user create or register the account on the Mobile app. A malicious app or unauthorized user can harvest the information and later on can use the information to monitor and control the user's account and associated devices.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Eaton | Secure Connect Mobile App | unspecified <= 1.7.3 | affected |
Weaknesses
- CWE-200: CWE-200 Information Exposure
- CWE-532: CWE-532 Information Exposure Through Log Files
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.