Unencrypted Data Storage in Envoy Passport for Android and iPhone Logs Vulnerability

Unencrypted Data Storage in Envoy Passport for Android and iPhone Logs Vulnerability

CVE-2018-17499 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

Envoy Passport for Android and Envoy Passport for iPhone could allow a local attacker to obtain sensitive information, caused by the storing of unencrypted data in logs. An attacker could exploit this vulnerability to obtain two API keys, a token and other sensitive information.

Learn more about our Cis Benchmark Audit For Google Android.