Security Advisory

CVE-2017-14013

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2017-10-17 22:00:00

Last updated 2024-08-05 19:13:41

Assigner icscert

State PUBLISHED

Description

A Client-Side Enforcement of Server-Side Security issue was discovered in ProMinent MultiFLEX M10a Controller web interface. The log out function in the application removes the users session only on the client side. This may allow an attacker to bypass protection mechanisms, gain privileges, or assume the identity of an authenticated user.

← Browse all CVEs View on cve.org ↗