CVE-2017-14007 Vulnerability Details

  /     /     /  

CVE-2017-14007 Metadata Quick Info

CVE Published: 17/10/2017 | CVE Updated: 05/08/2024 | CVE Year: 2017
Source: icscert | Vendor: n/a | Product: ProMinent MultiFLEX M10a Controller
Status : PUBLISHED

CVE-2017-14007 Description

An Insufficient Session Expiration issue was discovered in ProMinent MultiFLEX M10a Controller web interface. The user\'s session is available for an extended period beyond the last activity, allowing an attacker to reuse an old session for authorization.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID: CWE-613
CWE Name: CWE-613
Source: n/a

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description: