Vulnerabilities > Prominent > High

DATE CVE VULNERABILITY TITLE RISK
2017-10-17 CVE-2017-14011 Cross-Site Request Forgery (CSRF) vulnerability in Prominent Multiflex M10A Controller Firmware
A Cross-Site Request Forgery issue was discovered in ProMinent MultiFLEX M10a Controller web interface.
network
low complexity
prominent CWE-352
8.8
8.8
2017-10-17 CVE-2017-14005 Weak Password Recovery Mechanism for Forgotten Password vulnerability in Prominent Multiflex M10A Controller Firmware
An Unverified Password Change issue was discovered in ProMinent MultiFLEX M10a Controller web interface.
network
low complexity
prominent CWE-640
8.8
8.8