An unauthorized attacker who has obtained an IBM Watson IoT Platform 1.0 security authentication token can use it to impersonate an authorized platform user. IBM X-Force ID: 261201.
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.