CVE-2017-14005
CVE-2017-14005
An Unverified Password Change issue was discovered in ProMinent MultiFLEX M10a Controller web interface. When setting a new password for a user, the application does not require the user to know the original password. An attacker who is authenticated could change a user's password, enabling future access and possible configuration changes.
Affected products
n/a · ProMinent MultiFLEX M10a ControllerWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →