Generation of Error Message Containing Sensitive Information
CVE-2020-7231
Summary
Evoko Home 1.31 devices provide different error messages for failed login requests depending on whether the username is valid.
- LOW
- NETWORK
- NONE
- UNCHANGED
- NONE
- NONE
- LOW
- NONE
CWE-209 - Generation of Error Message Containing Sensitive Information
The software generates an error message that includes sensitive information about its environment, users, or associated data.
References
Advisory Timeline
- Published