Multiflex M10A Controller Firmware
Monthly
A Client-Side Enforcement of Server-Side Security issue was discovered in ProMinent MultiFLEX M10a Controller web interface. Rated medium severity (CVSS 5.6), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
A Cross-Site Request Forgery issue was discovered in ProMinent MultiFLEX M10a Controller web interface. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An Information Exposure issue was discovered in ProMinent MultiFLEX M10a Controller web interface. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
An Insufficient Session Expiration issue was discovered in ProMinent MultiFLEX M10a Controller web interface. Rated medium severity (CVSS 5.6), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
An Unverified Password Change issue was discovered in ProMinent MultiFLEX M10a Controller web interface. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
A Client-Side Enforcement of Server-Side Security issue was discovered in ProMinent MultiFLEX M10a Controller web interface. Rated medium severity (CVSS 5.6), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
A Cross-Site Request Forgery issue was discovered in ProMinent MultiFLEX M10a Controller web interface. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An Information Exposure issue was discovered in ProMinent MultiFLEX M10a Controller web interface. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
An Insufficient Session Expiration issue was discovered in ProMinent MultiFLEX M10a Controller web interface. Rated medium severity (CVSS 5.6), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
An Unverified Password Change issue was discovered in ProMinent MultiFLEX M10a Controller web interface. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.